July 21, 20232 yr It would be greatly appretiated to have access log for different features (VNC, samba, web UI). I know some can be probably read from syslog, but at least for the VNC, I haven't seen anything there. The use case for me is that I have had a security issue where somebody logged into my VM using VNC and while I managed to catch that pretty soon (for that specific session), I am not sure whether it is possible he logged in at some other point in the past. VNC log would help greatly in this case.
July 22, 20232 yr Solution 15 hours ago, Lukáš Řádek said: It would be greatly appretiated to have access log for different features (VNC, samba, web UI). I know some can be probably read from syslog, but at least for the VNC, I haven't seen anything there. The use case for me is that I have had a security issue where somebody logged into my VM using VNC and while I managed to catch that pretty soon (for that specific session), I am not sure whether it is possible he logged in at some other point in the past. VNC log would help greatly in this case. Not found any way to enable logging. The following will show connections when active. root@computenode:/mnt/user/appdata/NUT-unRAID/plugin# virsh qemu-monitor-command Slackware3 --pretty query-vnc { "return": { "enabled": true, "auth": "vnc", "family": "ipv4", "clients": [ { "family": "ipv4", "service": "23698", "host": "192.168.1.41", "websocket": false }, { "family": "ipv4", "service": "49494", "host": "127.0.0.1", "websocket": true } ], "service": "5901", "host": "0.0.0.0" }, "id": "libvirt-459" } root@computenode:/mnt/user/appdata/NUT-unRAID/plugin# I have requested a feature request to QEMU team for a security log.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.