Dear all, I have an dns server using PowerDNS and PowerAdmin-2.1.5 My system works great until one day, someone in of my team logged in PowerAdmin GUI website and change some PDNS record (all member of my team had right to log-in & modify any record) So, that's the problem, i want to audit what username logged in & what they do after logged-in. I found that the latest version of poweradmin can help me to logging the success & fail log in. After some configuration & updating poweradmin version form 2.1.5 to 2.1.6, in my /var/log/messages start to log user authenticated of powerdns. For example: *Jan 21 11:45:19 localhost poweradmin: Successful authentication attempt from [x.x.x.x] for user 'XXX' Jan 21 11:45:44 localhost poweradmin: Failed authentication attempt from [x.x.x.x] for user 'YYY'* So now, i want to save these information to a separate file (not in /var/log/messages) And can you show me how to log what user do after logged in (such as change record, add zone ... more detail more great) Thank you so much ! Vinh Ho

Dear all, I have an dns server using PowerDNS and PowerAdmin-2.1.5 My system works great until one day, someone in my team logged in PowerAdmin GUI website and change some PDNS record (all member of my team had right to log-in & modify any record) So, that's the problem, i want to audit what username logged in & what they do after logged-in. I found that the latest version of poweradmin can help me to logging the success & fail log in. After some configuration & updating poweradmin version form 2.1.5 to 2.1.6, in my /var/log/messages start to log user authenticated of powerdns. For example: Jan *Jan 21 11:45:19 localhost poweradmin: Successful authentication attempt from [x.x.x.x] for user 'XXX' Jan 21 11:45:44 localhost poweradmin: Failed authentication attempt from [x.x.x.x] for user 'YYY' 'YYY'* So now, i want to save these information to a separate file (not in /var/log/messages) And can you show me how to log what user do after logged in (such as change record, add zone ... more detail more great) Thank you so much ! Vinh Ho

Dear all, I have an dns server using PowerDNS and PowerAdmin-2.1.5 My system works great until one day, someone in my team logged in PowerAdmin GUI website and change some PDNS record (all member of my team had right to log-in & modify any record) So, that's the problem, i want to audit what username logged in & what they do after logged-in. I found that the latest version of poweradmin can help me to logging the success & fail log in. After some configuration & updating poweradmin version form 2.1.5 to 2.1.6, in my /var/log/messages start to log user authenticated of powerdns. For example: Jan 21 11:45:19 localhost poweradmin: Successful authentication attempt from [x.x.x.x] for user 'XXX' Jan 21 11:45:44 localhost poweradmin: Failed authentication attempt from [x.x.x.x] for user 'YYY' So now, i want to save these information to a separate file (not in /var/log/messages) And can you show me how to log what user do after logged in (such as change record, add zone ... more detail more great) Thank you so much ! Vinh Ho