Synology Authentication Logs

If you’re like me, you need to constantly review access logs for audits. Synology’s devices are great for many things, one of them being that you can review logs via command line. Fair warning, accessing your Synology device or modifying it via CLI can void your warranty.

After you have logged into the device, you will first need to become a super user. The only way you can view log files or any important configuration files is by elevating your privileges.

Next, you will need to navigate to /var/log

cd /var/log


After that, you can use cat, tail, or head to view the contents of the file. If you are looking for a specific account i recommend grepping for the account.

cat auth.log | grep "admin"

Once you grep for that account, only logs related to that account will be shown on the screen.

2018-08-08T06:57:17-05:00 roguefive sshd[19791]: PAM 1 more authentication fail ure; logname= uid=0 euid=0 tty=ssh ruser= rhost= user=admin



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s