Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: AIX audit users activity
Operating Systems AIX AIX audit users activity Post 302181790 by KeesH on Friday 4th of April 2008 06:28:03 AM
Old 04-04-2008
Only problem with that is that the user can see their own .history folder and delete the file, thus deleting the trace....

How can you combat that?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

logging users activity

Hello All! Does anyone know of a nice way to log commands in solaris 8. What I need is a program or script that saves any command that a user does in solaris command prompt. So when Steven logs in on a system, it should record everything he does, from an ls to exit with timestamps. I've been... (6 Replies)
Discussion started by: dozy
6 Replies

2. UNIX for Dummies Questions & Answers

audit user activity - possible?

Hi, I have been asked if it is possible to track the last time a specific user logged in to the sysetm. checked my documentation but can't see it there - google is not being very helpful either. I wonder if someone here can help - it will be much appreciated. Thanks Suresh (1 Reply)
Discussion started by: sureshy
1 Replies

3. SCO

Commands for review users activity

:D Hi, I'm searching for a command or commands to see the user and programs activity and who much resources is in use. In Unix I remember a TOP command but in SCO I'm don't find a similar. My system is a UNIX SCO 5.6 Thank's (1 Reply)
Discussion started by: DigitalExecutiv
1 Replies

4. Solaris

I need to audit users on a Solaris box

Is there a command to find out all the commands ran by a certain user id? TiA (5 Replies)
Discussion started by: PapaPark
5 Replies

5. AIX

turn on audit for all users

hi all, the audit /etc/security/audit/config file is only referring one user at a time. how do you specify all users to be monitored? I've tried ALL = general but got error when invoke "audit start". thanks (1 Reply)
Discussion started by: itik
1 Replies

6. AIX

Aix high cpu activity

Hello everyone I have this process running on my server. topas command User 98.6 |############################ I have this process Name PID CPU% PgSp Owner db2fm 565264 25.6 1.5 ldapdb2 db2fm 348328 23.6 ... (4 Replies)
Discussion started by: lo-lp-kl
4 Replies

7. UNIX for Advanced & Expert Users

audit user commands of different users under root account

Hi, I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
Discussion started by: pointgetter0
6 Replies

8. Red Hat

Loggin SFTP activity for chrooted (rssh) users

Hi, I need to log the activity of my SFTP (RHEL 5.4). I have this in /etc/sshd/sshd_config: Subsystem sftp /usr/libexec/openssh/sftp-server -f LOCAL5 -l VERBOSE And this in /etc/syslog.conf: LOCAL5.* /var/log/sftp.log When I log in... (1 Reply)
Discussion started by: Tr0cken
1 Replies

9. AIX

When AIX audit start, How to set the /audit/stream.out file size ?

Dear All When I start the AIX(6100-06)audit subsystem. the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB. It will replace the original /audit/stream.out (or /audit/trail). Then the /audit/stream.out become empty and... (2 Replies)
Discussion started by: nnnnnnine
2 Replies

10. Shell Programming and Scripting

Audit user activity

Need some help in coming up to log all the activity that is used with our common "unix account". Ideally I am looking for to log the activity in a "separate" file for each session or login until the user logout, I would like to capture the date/time and terminal login and record all the ... (3 Replies)
Discussion started by: rajmanna
3 Replies

LEARN ABOUT HPUX

audusr

audusr(1M)																audusr(1M)

NAME

       audusr - select users to audit

SYNOPSIS

       user] ...] user] ...]

DESCRIPTION

       is  used  to specify users to be audited or excluded from auditing.  The command only works for systems that have been converted to trusted
       mode.

       To select users to audit on systems that have not been converted to trusted mode, use  the  command.   See  also  audit(5),  userdbset(1M),
       userdb(4), and in security(4).

       If no arguments are specified, displays the audit setting of every user.  is restricted to privileged users.

   Options
       recognizes the following options:

	      Audit the specified
			user.	The  auditing  system records audit records to the ``current'' audit file when the specified user executes audited
			events or system calls.  Use to specify events to be audited (see audevent(1M)).

	      Do not audit the specified
			user.

	      Audit all users.

	      Do not audit any users.

       The and options are mutually exclusive: that is, if is specified, cannot be specified; if is specified, cannot be specified.

       Users specified with are audited (or excluded from auditing) beginning with their next login session,  until  excluded  from  auditing  (or
       specified  for  auditing)  with	a  subsequent invocation.  Users already logged into the system when is invoked are unaffected during that
       login session; however, any user who logs in after is invoked is audited or excluded from auditing accordingly.

WARNINGS

       HP-UX 11i Version 3 is the last release to support trusted systems functionality.

AUTHOR

       was developed by HP.

FILES

       File containing flags to indicate whether users are audited.

SEE ALSO

       audevent(1M), userdbset(1M), setaudproc(2), audswitch(2), audwrite(2), security(4), userdb(4), audit(5).

								  TO BE OBSOLETED							audusr(1M)
All times are GMT -4. The time now is 09:41 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy