Full Discussion: Monitoring SU usage
Top Forums UNIX for Advanced & Expert Users Monitoring SU usage Post 302138378 by andryk on Monday 1st of October 2007 09:51:50 AM
Old 10-01-2007
ajcannon,
If someone got root once on your Linux system then you're in trouble! Chances are he/she will be able to wipe out any suspicious activity such as root su/login etc...

But if the user is pretty dumb, you can always alias the su command to log some info, something like
Code:
# Append the who(1) entry for the current tty to /tmp/su.log, then run the real su
alias su='TOTO=$(tty | sed -e "s,^/dev/,,"); who -u | grep "$TOTO" >> /tmp/su.log; /bin/su'

TTYSNOOP(8)               BSD System Manager's Manual              TTYSNOOP(8)

NAME
     ttysnoop -- snoop on a user's tty

SYNOPSIS
     ttysnoop [pty]
     ttysnoops

DESCRIPTION
     The ttysnoop / ttysnoops client-server combo can be used to snoop
     (watch) on a user's login tty. The server (ttysnoops) is usually
     started by getty(8) or telnetd(8) and reads the file /etc/snooptab to
     find out which tty's should be cloned and which programs to run on them
     (usually /bin/login). A tty may be snooped through a pre-determined
     (ie. fixed) device, or through a dynamically allocated pseudo-tty
     (pty). This is also specified in the /etc/snooptab file. To connect to
     the pty, the client ttysnoop should be used.

     The available pseudo terminals pty are present as sockets in the
     directory /var/spool/ttysnoop/.

   Format of /etc/snooptab
     The /etc/snooptab file may contain comment lines (starting with a '#'),
     empty lines, or entries for tty's that should be snooped upon. The
     format of such an entry is as follows:

           tty snoop-device type program

     where tty is the leaf-name of the tty that should be snooped upon (eg.
     ttyS2, not /dev/ttyS2) OR the wildcard '*', which matches ANY tty.
     snoop-device is the device through which tty should be snooped (eg.
     /dev/tty8) OR the literal constant "socket". The latter is used to tell
     ttysnoops that the snoop-device will be a dynamically allocated pty.
     type specifies the type of program that should be run, currently
     recognized types are "init", "user" and "login" although the former two
     aren't really needed. Finally, program is the full pathname to the
     program to run when ttysnoops has cloned tty onto snoop-device.

EXAMPLE
     The following example /etc/snooptab file should illustrate the typical
     use of ttysnoop / ttysnoops:

           #
           # example /etc/snooptab
           #
           ttyS0     /dev/tty7     login     /bin/login
           ttyS1     /dev/tty8     login     /bin/login
           #
           # the wildcard tty should always be the last one in the file
           #
           *         socket        login     /bin/login
           #
           # example end
           #

     With the above example, whenever a user logs in on /dev/ttyS0 or
     /dev/ttyS1, either tty will be snooped through /dev/tty7 or /dev/tty8
     respectively. Any other tty's will be snooped through a pty that will
     be allocated at the time of login. The system-administrator can then
     run ttysnoop pty to snoop through the pty.

     Note that it is up to the system-administrator to setup getty and/or
     telnetd so that they execute ttysnoops instead of /bin/login.

SEE ALSO
     getty(8), telnetd(8)

FILES
     /etc/snooptab

BUGS
     The program is unable to do any terminal control-code translations for
     the original tty and the snoop-device. I doubt it will ever do this.

AUTHOR
     Carl Declerck, carl@miskatonic.inbe.net

BSD                             August 8 1994                             BSD
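
The /etc/snooptab rules in the man page above (four fields, leaf-name tty, known type, full program path, wildcard last) can be checked before ttysnoops reads the file. The following is an added example, not part of ttysnoop or of the forum post; `lint_snooptab` is a hypothetical helper, and treating any snoop-device other than `socket` as a `/dev/` path is an assumption drawn from the man page's examples.

```shell
# lint_snooptab FILE (hypothetical helper, not part of ttysnoop): print one
# message per entry that breaks the man page's rules; return 1 if any do.
lint_snooptab() {
    file=$1; n=0; bad=0; wild=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        set -f; set -- $line; set +f          # split fields, keep '*' literal
        [ $# -eq 0 ] && continue              # empty line
        case $1 in '#'*) continue ;; esac     # comment line
        if [ "$wild" -ne 0 ]; then
            echo "line $n: entry after wildcard on line $wild"; bad=1
        fi
        if [ $# -lt 4 ]; then
            echo "line $n: expected 4 fields, got $#"; bad=1; continue
        fi
        case $1 in
            '*') wild=$n ;;                   # remember where the wildcard sits
            */*) echo "line $n: tty '$1' must be a leaf name"; bad=1 ;;
        esac
        case $2 in                            # /dev/ prefix is an assumption
            socket|/dev/*) ;;
            *) echo "line $n: snoop-device '$2' is neither /dev/... nor socket"; bad=1 ;;
        esac
        case $3 in
            init|user|login) ;;
            *) echo "line $n: unknown type '$3'"; bad=1 ;;
        esac
        case $4 in
            /*) ;;
            *) echo "line $n: program '$4' is not a full pathname"; bad=1 ;;
        esac
    done < "$file"
    return "$bad"
}

# Constructed sample: the man page's example with deliberate mistakes added.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#
# example /etc/snooptab
#
ttyS0       /dev/tty7  login  /bin/login
/dev/ttyS1  /dev/tty8  login  /bin/login
*           socket     login  /bin/login
ttyS2       socket     shell  login
EOF
lint_snooptab "$sample" || true
rm -f "$sample"
```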