09-30-2006
Capturing commands executed by user
Hello Unix Champs,
For keeping audit trail, I want to log the commands entered by the normal users, on their terminal into a text file.
I tried putting a "script -a username.timestamp.txt" in the user profile file, but script command stops execution when user types exit or presses CTRL+D during his session and shows him message "Scripting Done". Obviously, All commands typed by user after this message, will not be logged in the log file.
My queries:
1) Can I control the execution of the script program in such a way that whenever user types "exit", he will exit from the system?
2) Is there any other way by which I can capture what commands user types ?
Thanks,
Bhaven
10 More Discussions You Might Find Interesting
1. Solaris
Hi all
I want to know the commands executed a by particular user .. for the whole day on my machine.
I have checked out with the commad
$lastcomm <user>
It is throwing an error called: ..
/var/adm/pacct: No such file or directory
Can u help me in this regard..
Thank U... (3 Replies)
Discussion started by: naree
3 Replies
2. Solaris
Hi all
I want to know the commands executed a by particular user .. for the whole day on my machine.
I have checked out with the commad
$lastcomm <user>
It is throwing an error called: ..
/var/adm/pacct: No such file or directory
Can u help me in this regard..
Thank U
Naree (1 Reply)
Discussion started by: naree
1 Replies
3. UNIX for Dummies Questions & Answers
Hi all,
I am new to unix OS.
Commands(external commands) given by the user are examined by shell and later executed by kernel.
Now I want to know how the internal(built in) commands are executed.
Please clarify whether they are executed directly by shell or by kernel.
Thanks in... (2 Replies)
Discussion started by: chaitra
2 Replies
4. Shell Programming and Scripting
Hi,
I have executed a set of commands on the linux server and later rebooted the server. Is it possible to get the details of the commands I executed prior to the reboot? If yes please let me know how?
Thanks. (1 Reply)
Discussion started by: yoursdavinder
1 Replies
5. UNIX for Dummies Questions & Answers
how to execute more than one command at the same time in unix .. (4 Replies)
Discussion started by: hemaa
4 Replies
6. Shell Programming and Scripting
Dear friends,
Whenever I do logout from a session initiated by ssh/su, I need to print a small report which says the login time, logout time, commands got executed..
How can it be done?
I know when doing ssh, .profile file will get executed. Shall we do something with the help of it. (1 Reply)
Discussion started by: nagalenoj
1 Replies
7. UNIX for Dummies Questions & Answers
Hi,
how to overcome this warning issue.
code:
#echo 'ls > /home/rxcprod/a.out' | at -q a now
warning: commands will be executed using /usr/bin/sh
job 1318943704.a at Tue Oct 18 09:15:04 2011 (4 Replies)
Discussion started by: tushar_spatil
4 Replies
8. UNIX for Dummies Questions & Answers
Hi,
I have cleared the commands by using >$HOME/.sh_history.
But if i issue HISTORY it shows some reference numbers but not the commands executed.
But i want to truncate those line numbers too.
May i know how i can achieve this?
Thanks (1 Reply)
Discussion started by: pandeesh
1 Replies
9. Shell Programming and Scripting
Hi guys,
I am executing a pretty long ksh script and need to time stamp every command which runs inside.
Unfortunatly 'echo date' is not the option here.
May be someone knows another way or utility which can be used to log executed command and timestamp next to it.
Thanks
PS I work in ksh88 (4 Replies)
Discussion started by: aoussenko
4 Replies
10. HP-UX
All team members has sudo access to user "batch55".
Need to track all the commands used by team members after sudo to "batch55".
Using HP-UX and ksh shell in our environment.
How can i acheive this?
Thanks In Advance. (2 Replies)
Discussion started by: venkatababu
2 Replies
SCRIPT(1) User Commands SCRIPT(1)
NAME
script - make typescript of terminal session
SYNOPSIS
script [options] [file]
DESCRIPTION
script makes a typescript of everything displayed on your terminal. It is useful for students who need a hardcopy record of an interactive
session as proof of an assignment, as the typescript file can be printed out later with lpr(1).
If the argument file is given, script saves the dialogue in this file. If no filename is given, the dialogue is saved in the file type-
script.
OPTIONS
-a, --append
Append the output to file or to typescript, retaining the prior contents.
-c, --command command
Run the command rather than an interactive shell. This makes it easy for a script to capture the output of a program that behaves
differently when its stdout is not a tty.
-e, --return
Return the exit code of the child process. Uses the same format as bash termination on signal termination exit code is 128+n.
-f, --flush
Flush output after each write. This is nice for telecooperation: one person does `mkfifo foo; script -f foo', and another can
supervise real-time what is being done using `cat foo'.
--force
Allow the default output destination, i.e. the typescript file, to be a hard or symbolic link. The command will follow a symbolic
link.
-q, --quiet
Be quiet (do not write start and done messages to standard output).
-t[file], --timing[=file]
Output timing data to standard error, or to file when given. This data contains two fields, separated by a space. The first field
indicates how much time elapsed since the previous output. The second field indicates how many characters were output this time.
This information can be used to replay typescripts with realistic typing and output delays.
-V, --version
Display version information and exit.
-h, --help
Display help text and exit.
NOTES
The script ends when the forked shell exits (a control-D for the Bourne shell (sh(1)), and exit, logout or control-d (if ignoreeof is not
set) for the C-shell, csh(1)).
Certain interactive commands, such as vi(1), create garbage in the typescript file. script works best with commands that do not manipulate
the screen, the results are meant to emulate a hardcopy terminal.
It is not recommended to run script in non-interactive shells. The inner shell of script is always interactive, and this could lead to
unexpected results. If you use script in the shell initialization file, you have to avoid entering an infinite loop. You can use for
example the .profile file, which is read by login shells only:
if test -t 0 ; then
script
exit
fi
You should also avoid use of script in command pipes, as script can read more input than you would expect.
ENVIRONMENT
The following environment variable is utilized by script:
SHELL If the variable SHELL exists, the shell forked by script will be that shell. If SHELL is not set, the Bourne shell is assumed.
(Most shells set this variable automatically).
SEE ALSO
csh(1) (for the history mechanism), scriptreplay(1)
HISTORY
The script command appeared in 3.0BSD.
BUGS
script places everything in the log file, including linefeeds and backspaces. This is not what the naive user expects.
script is primarily designed for interactive terminal sessions. When stdin is not a terminal (for example: echo foo | script), then the
session can hang, because the interactive shell within the script session misses EOF and script has no clue when to close the session. See
the NOTES section for more information.
AVAILABILITY
The script command is part of the util-linux package and is available from Linux Kernel Archive <https://www.kernel.org/pub/linux/utils
/util-linux/>.
util-linux June 2014 SCRIPT(1)