Forum Discussion
hooleylist
Feb 04, 2008Cirrostratus
Access to the admin GUI is logged according to the syslog-ng.conf (/etc/syslog-ng/syslog-ng.conf). You should see log entries in /var/log/httpd/ssl_access_log and ssl_request_log. Depending on exactly how you want to handle the log entries, you could create a new filter, destination and log statement in the syslog-ng. The filter would look for the string(s) which indicate a successful and/or failed login attempt. Take a look at the existing syslog-ng.conf entries for some examples or give it a shot and reply with any questions.
Aaron