Enable VSFTPD logging and its interpretation

enable VSFTPD logging and its interpretation

The following content in vsftpd.conf defines how logs are logged:

# indicates FTP server record upload download situation
Xferlog_enable=yes
# indicates that the uploaded download of the record is written in the file specified by Xferlog_file, that is, in the file specified by the Xferlog_file option
Xferlog_std_format=yes
Xferlog_file=/var/log/xferlog
# Enable double logs. While using the Xferlog file to record server upload downloads,
# vsftpd_log_file The file specified, that is,/var/log/vsftpd.log will also be used to record the transport of the server
Dual_log_enable=yes
Vsftpd_log_file=/var/log/vsftpd.log

VSFTPD's two log files are analyzed as follows:

/var/log/xferlog

Examples of record contents

Thu Sep 6 09:07:48 2007 7 192.168.57.1 4323279/home/student/phpmyadmin-2.11.0-all-languages.tar.gz b-i r student FTP 0 * C

/var/log/vsftpd.log

Examples of record contents

Tue Sep One 14:59:03 2007 [PID 3460] connect:client "127.0.0.1"
Tue Sep One 14:59:24 2007 [PID 3459] [ftp] OK LOGIN; Client "127.0.0.1", anon password "?"

Analysis and parameter description of data in/var/log/xferlog log file

the meaning of FTP digital code

The

110  the tag answer again.
How long the 120  service ready. The
125  Data link port is open and ready for delivery. The
150  file status is normal, opening the data connection port. The
200  command was successfully executed. The
202  command failed to execute.
211  System State or system help response. The
212  the status of the directory. The
213  the status of the file.
214  the message for help. The
215  Name System type. The
220  new online service ready. The
221  Service's control connection port is closed and can be logged off. The
225  data connection is turned on, but there is no transfer action.
226  Closes the data connection port and the requested file operation was successful.
227  into passive mode.
230  User Login. The
250  requested file operation completed. The
257  displays the current path name. The
331  user name is correct and requires a password.
332  requires account information when logging in. The
350  requested operation requires a command to be entered.
421  cannot provide a service to close the control link.
425  cannot open a data link.
426  closes online to terminate the transmission. The
450  requested operation was not performed.
451  Command terminated: There is a local error.
452  did not execute command: insufficient disk space. The
500  is malformed and does not recognize the command.
501  parameter syntax error. The
502  command failed to execute.
503  Command Order error. The
504  command has an incorrect parameter. The
530  is not logged in. The
532  storage file requires an account login. The
550  did not perform the requested operation. The
551  requested command terminated with an unknown type.
552  requested file termination, storage bit overflow.  &NBSP
553  the command for which the request was not executed, the name is incorrect.