Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: I need to audit users on a Solaris box
Operating Systems Solaris I need to audit users on a Solaris box Post 100574 by MizzGail on Tuesday 28th of February 2006 02:40:50 PM
Old 02-28-2006
We have turned on accounting to track user commands and there is a lot of overhead.. but it meets requirements.
If you have the capability to keep the user from updating their login parameters, you can force the history for only that person via a login profile.

for example, force the login to ksh and then use the set -o emacs command
this will put all the commands they execute into their .sh_history file. Which you can then view.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

difference between AIX box and Sun Solaris box

Hi, I need a clarification. Is there any difference between AIX box and Sun Solaris box? The bzip command with -c option works in AIX box and the same does not work in Sun Solaris box. Can anyone please explain if there is an implementation difference in both these boxes for the shell... (1 Reply)
Discussion started by: nisha4680
1 Replies

2. AIX

turn on audit for all users

hi all, the audit /etc/security/audit/config file is only referring one user at a time. how do you specify all users to be monitored? I've tried ALL = general but got error when invoke "audit start". thanks (1 Reply)
Discussion started by: itik
1 Replies

3. Solaris

audit in solaris

How do I know that audit is enabled in soalris. in AIX 'audit query' command gives me the info whether auditing is on or not. Raghav (1 Reply)
Discussion started by: raghavender_sri
1 Replies

4. AIX

AIX audit users activity

Is there a tool or application the will audit users activity? I've tryed to use audit the comes with AIX but to gathers so much information it is near impossible to see what they are doing. I just want to monitor logins and and files they create or change. (9 Replies)
Discussion started by: daveisme
9 Replies

5. Solaris

audit in solaris 10

can you please share what you use to audit what files are deleted, when files are deleted and who deleted them? thx (1 Reply)
Discussion started by: melanie_pfefer
1 Replies

6. Solaris

Audit in Solaris Servers.

Hi Friends I am a Solaries newbie and I am looking out for a software or command or config that can capture all commands run by all users on a server on a daily basis. I believe that this Audit is being done in almost all enterprises and would like to know how the same is done there. Any... (3 Replies)
Discussion started by: Hari_Ganesh
3 Replies

7. UNIX for Advanced & Expert Users

audit user commands of different users under root account

Hi, I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
Discussion started by: pointgetter0
6 Replies

8. Shell Programming and Scripting

Setting environmental variable for all the users in the box

Hi, I have Sun solaris x64 box in which i need to set a Environment variable for all the users in the box. This Environment varible is used by the application on the box. Could any one please help me in setting the Environment variable. Thanks, Firestar (6 Replies)
Discussion started by: firestar
6 Replies

9. Shell Programming and Scripting

Create new users in DMZ box using script

I remote to many DMZ boxes every day to run batch file that allows me to create users. I create users in 17 DMZ boxes every day which takes a lot of my time. Is there any script that would do this job from my local computer? Thank you for your help! (3 Replies)
Discussion started by: idiazza
3 Replies

10. Solaris

Enabling Solaris Audit log: Solaris 9

Dear All, I have one of my Servers, running Solaris 9. I wanna enable the Audit log enabling, the way I did in Solaris 10 Servers. After running, the bsmconv script, giving the reboots, modifying all the audit files in /etc/security, the audit is enabled, but the audit file which shall be... (3 Replies)
Discussion started by: sumeet1806
3 Replies

LEARN ABOUT HPUX

acctprc1

acctprc(1M)															       acctprc(1M)

NAME

       acctprc, acctprc1, acctprc2 - process accounting

SYNOPSIS

DESCRIPTION

       reads input in the form described by acct(4), adds login names corresponding to user IDs, then writes for each process an ASCII line giving
       user ID, login name, prime CPU time (tics), non-prime CPU time (tics), and mean memory size (in memory segment units).  If is given, it	is
       expected  to  contain a list of login sessions in the form described in acctcon(1M), sorted by user ID and login name.  If this file is not
       supplied, it obtains login names from the password file.  The information in helps it distinguish among different login	names  that  share
       the same user ID.

       reads  records in the form written by summarizes them by user ID and name, then writes the sorted summaries to the standard output as total
       accounting records.

       combines the functionality of and into one program.  It takes the same input format as (but does not accept the ctmp argument)  and  writes
       the same output as

       These commands are typically used as shown below:

	      or

EXTERNAL INFLUENCES

   Environment Variables
       For the output of if the user IDs are identical, determines the order in which the user names are sorted.

       If  is not specified in the environment or is set to the empty string, the value of is used as a default.  If is not specified or is set to
       the empty string, a default of ``C'' (see lang(5)) is used instead of If any internationalization variable  contains  an  invalid  setting,
       behaves as if all internationalization variables are set to ``C'' (see environ(5)).

WARNINGS

       Although  it  is  possible  to  distinguish among login names that share user IDs for commands run normally, it is difficult to do this for
       those commands run from for example (see cron(1M)).  More precise conversion can be done by faking login sessions on the  console  via  the
       program in acct(1M).

       A  memory  segment of the mean memory size is a unit of measure for the number of bytes in a logical memory segment on a particular proces-
       sor.

       The mean memory size may overflow for values greater than

FILES

SEE ALSO

       acct(1M), acctcms(1M), acctcom(1M), acctcon(1M), acctmerg(1M), acctsh(1M), cron(1M), fwtmp(1M), runacct(1M), acct(2), acct(4), utmp(4).

STANDARDS CONFORMANCE

																       acctprc(1M)
All times are GMT -4. The time now is 08:18 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy