For hosts with high security level and which not have very many users, such routers, DB servers etc there is sense to daily check sucsessful logins, like login failures checked now by /etc/periodic/security/800.loginfail.
Suggest to create periodic script /etc/periodic/security/810.loginok (attached) and new variable daily_status_security_loginok_enable in periodic.conf.
Fix: Save the attached script as /etc/periodic/security/810.loginok
and add this line to /etc/periodic.conf:
Suggested default entry for /etc/defaults/periodic.conf:
Patch attached with submission follows:
For bugs matching the following criteria:
Status: In Progress Changed: (is less than) 2014-06-01
Reset to default assignee and clear in-progress tags.
Mail being skipped