5.17. Logging sudo Remotely
Problem
You want your sudo logs kept off-host to prevent tampering or interference.
Discussion
Remember that the remote host’s syslogd needs must be invoked with the -r flag to receive remote messages. Make sure your remote host doesn’t share root privileges with the sudo host, or else this offhost logging is pointless.
See Also
syslog.conf(5), syslogd(8).
Get Linux Security Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.