Logging Settings: Real-time Reporting Of User Access?

This seems like something that should be relatively straight forward, but we have not found a solution on google or by searching the forums Any help would be appreciated.

We'd like to turn on additional logging that would allow real time reporting of login/logoff events. We know that these events are stored binary files, but in several other Unix systems these events are also reported textually by syslog to /var/log/messages, /var/log/secure, etc. But OpenSUSE 10.2 only seems to report logfails, or remote accesses such as from ssh. Logins from the console, or from xdm are not reported and we'd like them to be. So how do we turn this reporting on? We presumed that we should be able to change some pam or syslog settings to turn on reporting of these events but, unfortunately, the various things we have tried have all failed. Any recommendations on how to do this? Thanks.

i know its a pretty simple way but maybe tcp wrappers for some servers? let me know if you find something else. ;)

Quote:

This seems like something that should be relatively straight forward, but we have not found a solution on google or by searching the forums Any help would be appreciated.

We'd like to turn on additional logging that would allow real time reporting of login/logoff events.
[/b]

Use last and lastb to display logins and failed login attempts (lastb). This displays the information stored in /var/log/wtmp and /var/log/btmp resp. Since logging of bad logins is not switched on by deafault, you have to enable it by touch /var/log/btmp first.

Has anyone every successfully got lastb working on a suse box?

Ive tried many times with failed logins but nothing gets logged there.

Rob

..then try
faillog -a
assuming that faillog is on:
faillog -u root

explanation
man faillog (so you would know why root only if set as above)