/usr/share/doc/ejabberd-mod-logsession/README.txt is in ejabberd-mod-logsession 0.2016.09.12~dfsg0-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 | mod_logsession - Log session connections to file
Homepage: http://www.ejabberd.im/mod_logsession
Author: Badlop
Requirements: ejabberd 14.05 or newer
DESCRIPTION
-----------
This module is intended to log in a text file the session connections.
Right now it only logs the forbidden connection attempts and the
failed authentication attempts.
Each vhost is logged in a different file.
Note: to log the failed authentication attempts, you need to patch ejabberd.
INSTALL
-------
1 Copy this file to ejabberd/src/mod_logsession.erl
2 Recompile ejabberd
3 Add to ejabberd.yml, 'modules' section the basic configuration:
mod_logsession: {}
4 With this configuration, the log files are:
/tmp/ejabberd_logsession_@HOST@.log
CONFIGURABLE PARAMETERS
-----------------------
sessionlog:
Define the name of log files.
The keyword @HOST@ will be substituted with the name of each vhost.
Default value: "/tmp/ejabberd_logsession_@HOST@.log"
EXAMPLE CONFIGURATION
---------------------
modules:
...
mod_logsession:
sessionlog: "/var/log/ejabberd/session_@HOST@.log"
...
With that configuration, if the server has three vhosts:
"localhost", "example.org" and "example.net",
then the forbidden accesses will be logged in the files:
/var/log/ejabberd/session_localhost.log
/var/log/ejabberd/session_example.org.log
/var/log/ejabberd/session_example.net.log
FORMAT OF LOG
-------------
The content of the file is the date and time of the attempted login
and the JID of the denied user.
For example:
2008-01-08 12:20:50 Forbidden session for tron@localhost/teeest
2008-01-08 12:36:01 Forbidden session for baduser@localhost/aaa22
2010-04-02 17:21:37 Failed legacy authentication for someuser@localhost from 127.0.0.1 port 58973
2010-04-02 17:25:20 Failed sasl_resp authentication for badlop@localhost from 127.0.0.1 port 45842
REOPEN LOG FILES
----------------
This module provides an ejabberd command to reopen the log file
of a host where the module is enabled.
Example usage:
ejabberdctl reopen-seslog localhost
ejabberdctl reopen-seslog jabber.example.org
|