16 Nov
2018
16 Nov
'18
12:43 a.m.
Hi, One of our systems, running ARCH Linux, was compromised (a non-privileged account, fortunately). But, we could not find /var/log/auth.log or similar for investigation. Does the journal keep track of login attempts? It seems that ARCH does not run [r]syslogd. Best regards, Maxe kaasen@nuts-edu.no