System Logs

# 1  
Old 08-27-2007
System Logs

Dear Gurus

I am running AIX with several users that are using the system, and I would like to monitor the commands that are run by these users. Is there a log system that records the commands that are executed by the users?
Any kind of help will be appreciated.

Regards
Masquerder
# 2  
Old 08-27-2007
I just looked at "smitty" but I can't seem to find such functionality out-of-the-box. I guess you can:
1. Use the users' history files: cat the respective history file (e.g. .bash_history) for all users in /home and mail this content.
2. Use the "script" command; I just noticed it's available for AIX.
Certainly, there may be a more elegant solution for this task; I will be happy to see it too.
# 3  
Old 08-27-2007
Dear sysgate
Most of my users use the root login; from there they switch users to another that remains the same for everyone. I looked into bash_history but I cannot see the history of root logs. Please can you tell me how to see those logs?
Secondly, if I start the script command through the .cshrc of every user, will it note all the commands in the output?
# 4  
Old 09-24-2007
Have you tried creating a file in the user's home directory called .sh_history?
I use this for root-type logins, and it records all commands entered.
# 5  
Old 10-27-2008
Hey

Yes, I have done that and the files are also being formed, but the problem is the .sh_history files are not getting updated, and also there is no reference to the date or the IP from which the command was run!
Please help!
# 6  
Old 10-28-2008
Of course these files are not updated. When your user switches from one user to another, all the commands s/he types in as the other user go to this new user's .sh_history file. You can control which history file is being used by setting the HISTFILE variable in the ksh environment.

But even then your main problem will remain: your system is insecure - and inherently so. There is no other option than to limit what users do as root or as root-equivalent users. I would suggest you explore tools like sudo and create a thorough concept of which user should be able to do what - and then limit his possibilities to exactly this.

Giving all your users root authority is just laziness in terms of coming up with such a concept. As long as every user is allowed to do everything you don't have to worry about security - it is simply nonexistent and the only thing you can do about it - save for changing the attitude - is getting used to it.

I hope this helps.

bakunin
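
An added example, not part of any post in this thread: a fragment for /etc/profile that uses the HISTFILE variable mentioned above to give every login session its own history file, named after the original login, the effective user, the origin and the session start time. The directory `/var/log/cmdhist`, the function names and the sample `who am i` lines in the comments are assumptions made for illustration.

```sh
# Added example for /etc/profile (sh/ksh syntax); not from the thread.
# Assumption: HIST_DIR is a hypothetical directory the admin has created
# and made writable for the accounts that should be tracked.
HIST_DIR=${HIST_DIR:-/var/log/cmdhist}

# Build "<login>.<effective>.<origin>.<timestamp>".
# $1 login user, $2 effective user, $3 origin (host or tty), $4 timestamp
hist_name() {
    # Replace anything outside a safe set so the origin cannot add path parts.
    origin=$(printf '%s' "$3" | tr -c 'A-Za-z0-9._-' '_')
    printf '%s.%s.%s.%s\n' "$1" "$2" "${origin:-local}" "$4"
}

# Pick the origin out of one line of `who am i` output: the remote host in
# parentheses if there is one, otherwise the tty (second field).
# Constructed samples: "alice  pts/0  Oct 28 10:12  (10.1.2.3)"
#                      "alice  pts/0  Oct 28 10:12"
who_origin() {
    line=$1
    case $line in
        *\(*\)*) o=${line##*\(}; printf '%s\n' "${o%%\)*}" ;;
        *)       set -- $line; printf '%s\n' "${2:-local}" ;;
    esac
}

# Point HISTFILE at a per-session file.
# Assumption: logname still reports the name used at login after "su -".
setup_history() {
    login=$(logname 2>/dev/null) || login=unknown
    eff=$(id -un)
    origin=$(who_origin "$(who am i 2>/dev/null)")
    stamp=$(date +%Y%m%d%H%M%S)
    HISTFILE=$HIST_DIR/$(hist_name "$login" "$eff" "$origin" "$stamp")
    HISTSIZE=5000
    export HISTFILE HISTSIZE
}

# Only interactive shells keep a history.
case $- in
    *i*) setup_history ;;
esac
```

Anyone working as root can still edit or delete these files, so they help tell sessions apart on a shared account but are not a tamper-proof record; limiting root access with sudo, as the post above suggests, is the control that addresses that.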
# 7  
Old 10-28-2008
Hey bakunin

Well, sorry if I didn't make the picture clear. I'm working in a telco environment and there are a lot of things that my team is doing for which they need the root password. Secondly, the vendor also has to run system checks that ask for the root password. I have restricted my users in terms of groups and DBA access, but then again there's always the chance of mishaps, which can be covered easily as there are 10 people that are working on the systems!
So just to keep a check on anything that they are doing, I wanted to enhance the security of my network.