Does VSFTP log when people upload/download from server?
 

Does VSFTP log when people upload/download from server? I have a case where someone swears they uploaded some files to our ftp site, but the people who pull the files down say they were never there. I'd like to solve the he said she said debate with some proof if i can find it, but I don't even know where to look or if its even possible to have this stuff logged?

Hi,

You can check /etc/vsftpd.conf to see if logging is enabled and the location/name of the logfile.

Regards

Great, it did log all the ins and outs. now if only i could find out if someone deleted the files or not, i see they were uploaded successfully.

If the files were deleted from inside an ftp session, you cannot find who deleted them, unless you had the following 2 options set in vsftpd.conf
In that case the debug logs are written to /var/log/vsftpd.log by default.
If you suspect the files were deleted from cli (or an ssh session), you can check the user's history, if he/she was not clever enough to clear it.

Regards

I have the xferlog_std_format set to YES right now. I read the description in the file for that one and don't understand what that's for.

I don't even have the log_ftp_protocol in my current file. is that bad?

No, these 2 options are used for debugging reasons, if they set to NO and YES respectively. In normal operation you need only to see the file transfers and not all the stuff that is logged for debugging, so you have to disable the log_ftp_protocol.
Of course this way you cannot tell if someone deleted any files using ftp.

OK, thanks for the info. I guess for now i'll keep it as is, but at least I know how to change it for the future. Thanks for all the help!