sudo_sendlog(8) — Linux manual page


SUDO_SENDLOG(8)          System Manager's Manual         SUDO_SENDLOG(8)

NAME         top

       sudo_sendlog — send sudo I/O log to log server

SYNOPSIS         top

       sudo_sendlog [-AnV] [-b ca_bundle] [-c cert_file] [-h host] [-i
       iolog-id] [-k key_file] [-p port] [-r restart-point] [-R
       reject-reason] [-s stop-point] [-t number] path

DESCRIPTION         top

       sudo_sendlog can be used to send the existing sudoers I/O log
       path to a remote log server such as sudo_logsrvd(8) for central

       The options are as follows:

       -A, --accept-only
               Only send the accept event, not the I/O associated with
               the log.  This can be used to test the logging of accept
               events without any associated I/O.

       -b, --ca-bundle
               The path to a certificate authority bundle file, in PEM
               format, to use instead of the system's default
               certificate authority database when authenticating the
               log server.  The default is to use the system's default
               certificate authority database.

       -c, --cert
               The path to the client's certificate file in PEM format.
               This setting is required when the connection to the
               remote log server is secured with TLS.

       --help  Display a short help message to the standard output and

       -h, --host
               Connect to the specified host instead of localhost.

       -i, --iolog-id
               Use the specified iolog-id when restarting a log
               transfer.  The iolog-id is reported by the server when it
               creates the remote I/O log.  This option may only be used
               in conjunction with the -r option.

       -k, --key
               The path to the client's private key file in PEM format.
               This setting is required when the connection to the
               remote log server is secured with TLS.

       -n, --no-verify
               If specified, the server's certificate will not be
               verified during the TLS handshake.  By default,
               sudo_sendlog verifies that the server's certificate is
               valid and that it contains either the server's host name
               or its IP address.  This setting is only supported when
               the connection to the remote log server is secured with

       -p, --port
               Use the specified network port when connecting to the log
               server instead of the default, port 30344.

       -r, --restart
               Restart an interrupted connection to the log server.  The
               specified restart-point is used to tell the server the
               point in time at which to continue the log.  The
               restart-point is specified in the form
               “seconds,nanoseconds” and is usually the last commit
               point received from the server.  The -i option must also
               be specified when restarting a transfer.

       -R, --reject
               Send a reject event for the command using the specified
               reject-reason, even though it was actually accepted
               locally.  This can be used to test the logging of reject
               events; no I/O will be sent.

       -s, --stop-after
               Stop sending log records and close the connection when
               stop-point is reached.  This can be used for testing
               purposes to send a partial I/O log to the server.
               Partial logs can be restarted using the -r option.  The
               stop-point is an elapsed time specified in the form

       -t, --test
               Open number simultaneous connections to the log server
               and send the specified I/O log file on each one.  This
               option is useful for performance testing.

       -V, --version
               Print the sudo_sendlog version and exit.

   Debugging sendlog
       sudo_sendlog supports a flexible debugging framework that is
       configured via Debug lines in the sudo.conf(5) file.

       For more information on configuring sudo.conf(5), refer to its

FILES         top

       /etc/sudo.conf            Sudo front-end configuration

SEE ALSO         top

       sudo.conf(5), sudo(8), sudo_logsrvd(8)

AUTHORS         top

       Many people have worked on sudo over the years; this version
       consists of code written primarily by:

             Todd C. Miller

       See the file in the sudo distribution
       ( for an exhaustive list
       of people who have contributed to sudo.

BUGS         top

       If you believe you have found a bug in sudo_sendlog, you can
       either file a bug report in the sudo bug database,, or open an issue at  If you would prefer
       to use email, messages may be sent to the sudo-workers mailing
       list, (public)
       or <> (private).

       Please not report security vulnerabilities through public GitHub
       issues, Bugzilla or mailing lists.  Instead, report them via
       email to <>.  You may encrypt your message
       with PGP if you would like, using the key found at

SUPPORT         top

       Limited free support is available via the sudo-users mailing
       list, see to
       subscribe or search the archives.

DISCLAIMER         top

       sudo_sendlog is provided “AS IS” and any express or implied
       warranties, including, but not limited to, the implied warranties
       of merchantability and fitness for a particular purpose are
       disclaimed.  See the file distributed with sudo or for complete details.

COLOPHON         top

       This page is part of the sudo (execute a command as another user)
       project.  Information about the project can be found at  If you have a bug report for this manual
       page, see ⟨⟩.  This page was obtained
       from the project's upstream Git repository
       ⟨⟩ on 2024-06-14.  (At that
       time, the date of the most recent commit that was found in the
       repository was 2024-06-08.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to

Sudo 1.9.16                 January 16, 2023             SUDO_SENDLOG(8)