# Additional syslog sockets for chrooted SFTP users



## ph0enix (Apr 1, 2022)

I need to be able to log SFTP activity for multiple chrooted users (potentially 20+).   I've been adding syslogd_flags for each user to /etc/rc.conf as follows:

```
syslogd_flags="-s -l /ftproot/user1/dev/log -l /ftproot/user2/dev/log"...
```

It's not particularly pretty and if I remember correctly, the limit of additional syslog sockets is 19.  What if I end up having 30 SFTP users?  Is there a better way of handling this?


----------



## ph0enix (Apr 5, 2022)

Is there no other way?


----------



## covacat (Apr 5, 2022)

you can use inetd to listen on unix sockets and netcat them to /var/run/log


----------

