1.3.3 Ensure sudo log file exists

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.



sudo can use a custom log file.


A sudo log file simplifies auditing of sudo commands.


Edit the file /etc/sudoers or a file in /etc/sudoers.d/ with visudo -f and add the following line:

Defaults logfile="<PATH TO CUSTOM LOG FILE>"


Example:

Defaults logfile="/var/log/sudo.log"


visudo edits the sudoers file in a safe fashion, analogous to vipw(8). visudo locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors. If the sudoers file is currently being edited you will receive a message to try again later.
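
One way to check for this setting across sudoers files, as an added example that is not the benchmark's own audit command. The function names and the sample file contents are constructed for illustration, and only global Defaults entries (no user, host or command scope) are considered.

```shell
#!/bin/sh
# Added example: report the log file set by a global "Defaults logfile=" entry.
# Arguments: sudoers files in the order sudo reads them (a later entry wins).
# Commented-out entries are ignored; the value may be unquoted or in double quotes.
sudo_logfile_path() {
    path=$(cat -- "$@" 2>/dev/null | sed -n -E \
        's/^[[:space:]]*Defaults[[:space:]]+([^#]*,[[:space:]]*)?logfile[[:space:]]*=[[:space:]]*"?([^",[:space:]]+)"?.*$/\2/p' \
        | tail -n 1)
    # sudo requires the logfile value to be a path starting with "/".
    case "$path" in
        /*) printf '%s\n' "$path" ;;
        *)  return 1 ;;
    esac
}

# Constructed sample input: a scratch sudoers tree, not the live /etc/sudoers.
sudo_logfile_demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/sudoers.d"
    printf '%s\n' '# Defaults logfile="/tmp/ignored.log"' \
        'Defaults env_reset, logfile="/var/log/sudo.log"' > "$d/sudoers"
    printf '%s\n' 'root ALL=(ALL) ALL' > "$d/sudoers.d/10-admins"
    rc=0
    sudo_logfile_path "$d/sudoers" "$d/sudoers.d"/* || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

On a real host, run it as root with `sudo_logfile_path /etc/sudoers /etc/sudoers.d/*`; a non-zero exit status means no usable global logfile entry was found.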
