Why can't I see Active Login Sessions on the Threat Stack Dashboard?


We've investigated issues where customers running Ubuntu 12.04 do not see logins on their Dashboard in the Active Login Sessions widget. The resolution is to edit, or if needed add, the following line in your /etc/pam.d/sshd file:

session    required     pam_loginuid.so

The Threat Stack Agent relies on loginuid to associate users, logins/logouts and sessions and track active logins.

After you update the /etc/pam.d/sshd file, you may need to restart sshd and the Threat Stack agent.

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request


1 comment

Article is closed for comments.