Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Command Logging in SCO
Top Forums UNIX for Dummies Questions & Answers Command Logging in SCO Post 302071155 by brian_g on Wednesday 12th of April 2006 05:59:21 PM
Old 04-12-2006
Command Logging in SCO
Hello, new user here. I am the "administrator" for a few SCO Unix servers here, but do not have much Unix administration experience other than some basic stuff (don't ask).

Anyway, I have been charged with finding a way to log all users commands for auditing purposes. This includes root. The log file should contain the command that was run, the user that invoked it, and the date and time of execution. Other data may be useful, but is not required. This log file should not be accessible by any users other than root, or they could obviously edit the file if they did something "bad".

I've looked at syslog and don't think it will give me what I need. I've also looked at pacct, but not sure if that works either. Maybe it's a setup issue? I have read through several man pages (syslog, syslogd, syslog.conf, pacct, etc) as well as a few printouts from various sites, but nothing looks like what I'm searching for. I've tried the search here as well and found that pacct seems the closest, but I'm not so sure.

We use Windows boxes running Reflections to telnet into the Unix boxes. Our Corporate office has decreed that we use a script that does log all user commands. To even use this script, we have to set up Reflection icons that will automatically enter the user into this script and then hide the ability to change the settings of the Reflection configuration. The logs from this script are editable (just hidden) and there are too many back-doors (rlogin/ftp/telnet/etc) to bypass it. Too much of a rigamarole for something that really does not work. As I see it, we need OS level logging.

If anyone can point me in the right direction, I would be eternally grateful.

Thanks in advance!
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

SSH and command logging

Hi all... I've completed the task of deploying SSH over my 400 servers. I don't know if i'm right or wrong, but ssh doesn't do any command-logging, does it? Is there a app i can use to log all commands passed ( besides the usual .sh_history), whith no modification possible by the user, and how... (2 Replies)
Discussion started by: penguin-friend
2 Replies

2. UNIX for Dummies Questions & Answers

What is command for logging?

Hi, I am trying to recollect the command used to log a file. We use this command just before starting, say, installation. At the end you get a file capturing the series of commands you used during the course of time and sytems response. Could anybody please help. Thanks, Dasa (3 Replies)
Discussion started by: dtamminx
3 Replies

3. UNIX for Dummies Questions & Answers

Logging command invocations - cmdlog

. (1 Reply)
Discussion started by: Driver
1 Replies

4. Solaris

shell command logging

Does anyone have a simple method of logging all shell commands typed by a user (csh in our case)? - I could enable auditing, but this would be overkill - I could enable process accounting, but AFAIK, this does not log arguments Thanks all. (2 Replies)
Discussion started by: minkie
2 Replies

5. Cybersecurity

Full Command Logging?

I am looking for a really good command logging tool to improve the auditing of my servers. I have previously used snoopy but this is currently a bit flaky and causing serious problems for me, it doesn't look like it's been maintained since 2004, it didn't even want to compile until I added -fPIC... (1 Reply)
Discussion started by: humbletech99
1 Replies

6. Shell Programming and Scripting

awk command-logging

hi folks, In the following code, logfile remains empty. log_file="/u/Sc/prav.log.$mon$day" ps -ef | grep "myprocess"| awk -v logfile=$log_file '{ system("date >> logfile") }' can u please help as how to log the date to that logfile. thanks in advance! (3 Replies)
Discussion started by: pravfraz
3 Replies

7. SCO

sco remote logging problem

Hello, I am trying to write log from sco box to a remote host. We already have that setting working for linux server using syslog. With this setting(on LINUX) *.* @remote-host for sco I have this *.debug /usr/adm/syslog *.* ... (3 Replies)
Discussion started by: polestar
3 Replies

8. Shell Programming and Scripting

bash logging al $() command lines

I have been doing a lot more bash on LINUX RedHat and Ubuntu lately, and one thing keeps cropping up intermittently. If I do a $( some-commands ) Command Substitution, the some-commands are logged onto my screen each time they are evaluated. Did I turn on some odd option? It seems to happen just... (13 Replies)
Discussion started by: DGPickett
13 Replies

9. Shell Programming and Scripting

Command Logging

I searched the forums for command logging and the user "Driver" seemed to provide a script for logging shell commands with related info like date and time. The subject was "logging command invocations -cmdlog" . I would be interested in this script. Thanks (0 Replies)
Discussion started by: starcraft
0 Replies

10. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

LEARN ABOUT DEBIAN

gfmd

GFMD(8) 																   GFMD(8)

NAME

       gfmd(8) - Gfarm metadata server

SYNOPSIS

       gfmd [ options ]

DESCRIPTION

       gfmd  is a Gfarm filesystem metadata server for accessing the filesystem metadata of the Gfarm filesystem.  gfmd must be running on a meta-
       data server node in advance.

       It is possible for gfmd to be executed as a non-privileged user process, although only the user that executes the  gfmd	can  be  authenti-
       cated.  Other users cannot use it.  For details, see SETUP.private.en document

       To  access  gfmd, the hostname and the port number should be specified by the metadb_server_host and metadb_server_port statements, respec-
       tively, in ~/.gfarm2rc or in %%SYSCONFDIR%%/gfarm2.conf on a client node.

OPTIONS

       -L log-level
	      Specifies a log priority level.  The log output, which priority is higher or equal to this level, will be sent to syslog or standard
	      error.  Please refer gfarm2.conf(5) for the priority levels which can be specified by this option.

       -P pid-file
	      Specifies a file name to be used to record the process ID of gfmd.

       -d     Specifies the debug mode.  With the -d option, gfmd runs as a foreground process, not a daemon.

	      If this option is specified and -L is not specified, the log level is set to "debug".

       -f config-file
	      Specifies a configuration file that is read instead of the default configuration file.

       -p port
	      Specifies a port number to be used by gfmd.

       -s syslog-facility
	      Specifies a syslog facility to report errors encountered by gfmd.  By default, local0 is used.

       -v     Makes gfmd output verbose log message on authentication.	This is useful, when one has to resolve an issue about GSI authenticaion.

       -?     Displays a list of command options.

FILES

       %%SYSCONFDIR%%/gfmd.conf
	      configuration file

SEE ALSO

       gfarm2.conf(5)

Gfarm								 20 December 2010							   GFMD(8)
All times are GMT -4. The time now is 05:41 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy