Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: AIX audit users activity
Operating Systems AIX AIX audit users activity Post 302181790 by KeesH on Friday 4th of April 2008 06:28:03 AM
Old 04-04-2008
Only problem with that is that the user can see their own .history folder and delete the file, thus deleting the trace....

How can you combat that?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

logging users activity

Hello All! Does anyone know of a nice way to log commands in solaris 8. What I need is a program or script that saves any command that a user does in solaris command prompt. So when Steven logs in on a system, it should record everything he does, from an ls to exit with timestamps. I've been... (6 Replies)
Discussion started by: dozy
6 Replies

2. UNIX for Dummies Questions & Answers

audit user activity - possible?

Hi, I have been asked if it is possible to track the last time a specific user logged in to the sysetm. checked my documentation but can't see it there - google is not being very helpful either. I wonder if someone here can help - it will be much appreciated. Thanks Suresh (1 Reply)
Discussion started by: sureshy
1 Replies

3. SCO

Commands for review users activity

:D Hi, I'm searching for a command or commands to see the user and programs activity and who much resources is in use. In Unix I remember a TOP command but in SCO I'm don't find a similar. My system is a UNIX SCO 5.6 Thank's (1 Reply)
Discussion started by: DigitalExecutiv
1 Replies

4. Solaris

I need to audit users on a Solaris box

Is there a command to find out all the commands ran by a certain user id? TiA (5 Replies)
Discussion started by: PapaPark
5 Replies

5. AIX

turn on audit for all users

hi all, the audit /etc/security/audit/config file is only referring one user at a time. how do you specify all users to be monitored? I've tried ALL = general but got error when invoke "audit start". thanks (1 Reply)
Discussion started by: itik
1 Replies

6. AIX

Aix high cpu activity

Hello everyone I have this process running on my server. topas command User 98.6 |############################ I have this process Name PID CPU% PgSp Owner db2fm 565264 25.6 1.5 ldapdb2 db2fm 348328 23.6 ... (4 Replies)
Discussion started by: lo-lp-kl
4 Replies

7. UNIX for Advanced & Expert Users

audit user commands of different users under root account

Hi, I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
Discussion started by: pointgetter0
6 Replies

8. Red Hat

Loggin SFTP activity for chrooted (rssh) users

Hi, I need to log the activity of my SFTP (RHEL 5.4). I have this in /etc/sshd/sshd_config: Subsystem sftp /usr/libexec/openssh/sftp-server -f LOCAL5 -l VERBOSE And this in /etc/syslog.conf: LOCAL5.* /var/log/sftp.log When I log in... (1 Reply)
Discussion started by: Tr0cken
1 Replies

9. AIX

When AIX audit start, How to set the /audit/stream.out file size ?

Dear All When I start the AIX(6100-06)audit subsystem. the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB. It will replace the original /audit/stream.out (or /audit/trail). Then the /audit/stream.out become empty and... (2 Replies)
Discussion started by: nnnnnnine
2 Replies

10. Shell Programming and Scripting

Audit user activity

Need some help in coming up to log all the activity that is used with our common "unix account". Ideally I am looking for to log the activity in a "separate" file for each session or login until the user logout, I would like to capture the date/time and terminal login and record all the ... (3 Replies)
Discussion started by: rajmanna
3 Replies

LEARN ABOUT CENTOS

augenrules

AUGENRULES:(8)						  System Administration Utilities					    AUGENRULES:(8)

NAME

       augenrules - a script that merges component audit rule files

SYNOPSIS

       augenrules [--check] [--load]

DESCRIPTION

       augenrules  is  a  script  that merges all component audit rules files, found in the audit rules directory, /etc/audit/rules.d, placing the
       merged file in /etc/audit/audit.rules. Component audit rule files, must end in .rules  in  order  to  be  processed.  All  other  files	in
       /etc/audit/rules.d are ignored.

       The files are concatenated in order, based on their natural sort (see -v option of ls(1)) and stripped of empty and comment (#) lines.

       The  last  processed  -D  directive without an option, if present, is always emitted as the first line in the resultant file. Those with an
       option are replicated in place.	The last processed -b directive, if present, is always emitted as the second line in the  resultant  file.
       The  last  processed -f directive, if present, is always emitted as the third line in the resultant file.  The last processed -e directive,
       if present, is always emitted as the last line in the resultant file.

       The generated file is only copied to /etc/audit/rules.d, if it differs.

OPTIONS

       --check
	      test if rules have changed and need updating without overwriting audit.rules.

       --load load old or newly built rules into the kernel.

FILES

       /etc/audit/rules.d/ /etc/audit/audit.rules

SEE ALSO

       audit.rules(8), auditctl(8), auditd(8).

Red Hat 							     Apr 2013							    AUGENRULES:(8)
All times are GMT -4. The time now is 03:32 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy