Is it possible to view all ssh logs of a deleted user ?

Accessing Logs After User Deletion in Ezeelogin

Overview: This article describes how administrators can access and retrieve logs in Ezeelogin even after a user has been deleted, using alternative search parameters in the web panel or by directly accessing raw log files on the SSH jump host, provided SSH log encryption was not enabled at the time of recording.

When a user is deleted in Ezeelogin, their logs are retained for audit and security purposes. Here’s how you can access these logs even though the username may no longer be searchable directly in the web panel, you can search logs using other parameters such as server hostname and date range.

Alternatively, you can find the raw logs on your SSH Jumphost box

You can read the logs as plain text provided the SSH log encryption was not enabled at the time the SSH log was recorded.

Related Articles:

View logs of all users.

Decrypt the encrypted SSH logs.