Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Track user
Top Forums UNIX for Dummies Questions & Answers Track user Post 302430056 by malcolmpdx on Wednesday 16th of June 2010 12:25:33 PM
Old 06-16-2010
syslog isn't going to help you here. Nor is auditing users .bash_history or other related files, since those are easily removed by the user, or can be set to not be written.

You're going to need to set up the audit subsystem. This can be complex, but there are many webpages and lots of documentation.

Check out Use auditing to track reads and writes in a file, for example.
 

10 More Discussions You Might Find Interesting

1. Programming

keep track of the last 10 commands the user typed

Can I do it like this? if (strcmp(argv, "history")==0) { argv = "10"; execvp(argc,argv); } actually, it doesn't work, How can I modify it? Thanks (17 Replies)
Discussion started by: zhshqzyc
17 Replies

2. UNIX for Advanced & Expert Users

Track user activity --pls help

hi I want to know how to save all the command used by all the used under a particular root with the time stamp in a file. Eg: User Name: UX10 Time: 10:56 Command: LS User Name: UX23 Time: 10:59 Command: MORE abc.txt -Anand (2 Replies)
Discussion started by: anandtharani
2 Replies

3. UNIX for Dummies Questions & Answers

Possible to track FTP user last login? Last and Finger don't track them.

Like the topic says, does anyone know if it is possible to check to see when an FTP only user has logged in? Because the shell is /bin/false and they are only using FTP to access the system doing a "finger" or "last" it says they have never logged in. Is there a way to see when ftp users log in... (1 Reply)
Discussion started by: LordJezo
1 Replies

4. Shell Programming and Scripting

keep track of every user

dear all , I m new to shell programming and I need your help. Actually i want to keep track of all the commands executed in a bash prompt of users , very much in same manner as it is displayed when we run "history" command. now the users are smart enough as they delete their history by... (6 Replies)
Discussion started by: xander
6 Replies

5. AIX

Track user logoff in AIX 5.3

Hi Does anybody know if there is a way in AIX 5.3 to track how a user was logged off? For instance where the user typed exit, hit crtl D, shell process was killed, etc. I know of the last log entries but this just shows a users login time and duration. I also tried syslog but I only get login... (5 Replies)
Discussion started by: kimyo
5 Replies

6. UNIX for Advanced & Expert Users

Track user commands

Hi, I have a unix server and I am concerned about the security on that server. I would like to be able to write a script that records all the commands that were typed at the command prompt before the user calls the 'history -c' command and deletes all the history. I was thinking about firing or... (7 Replies)
Discussion started by: mishkamima
7 Replies

7. AIX

Track deleted OS user accounts

Recently we've had a couple user accounts mysteriously disappear. Is there any way to track these accounts and determine who/how they were deleted? (2 Replies)
Discussion started by: Sk0glund
2 Replies

8. Homework & Coursework Questions

Track user log!

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: The task is to measure the density of users that are logged on system. The program should check that every 30... (7 Replies)
Discussion started by: petel1
7 Replies

9. UNIX for Dummies Questions & Answers

How to track user activity?

Hi All Please can you help me with the following issue: A certain vendor installed an application in which for a user to log in; the user must use a user created/predefined by the application. And because this application has more than one user its difficult to track who did what and when,... (6 Replies)
Discussion started by: fretagi
6 Replies

10. UNIX for Advanced & Expert Users

Track activity of a user

Hi All We have a job which writes files to a server at a particular time. The files will be created by a particular user ID Today, during the execution of the job, it created a file to the server and the file sat on the server for sometime, but was deleted immediately at the end of the... (4 Replies)
Discussion started by: sparks
4 Replies

LEARN ABOUT HPUX

audusr

audusr(1M)																audusr(1M)

NAME

       audusr - select users to audit

SYNOPSIS

       user] ...] user] ...]

DESCRIPTION

       is  used  to specify users to be audited or excluded from auditing.  The command only works for systems that have been converted to trusted
       mode.

       To select users to audit on systems that have not been converted to trusted mode, use  the  command.   See  also  audit(5),  userdbset(1M),
       userdb(4), and in security(4).

       If no arguments are specified, displays the audit setting of every user.  is restricted to privileged users.

   Options
       recognizes the following options:

	      Audit the specified
			user.	The  auditing  system records audit records to the ``current'' audit file when the specified user executes audited
			events or system calls.  Use to specify events to be audited (see audevent(1M)).

	      Do not audit the specified
			user.

	      Audit all users.

	      Do not audit any users.

       The and options are mutually exclusive: that is, if is specified, cannot be specified; if is specified, cannot be specified.

       Users specified with are audited (or excluded from auditing) beginning with their next login session,  until  excluded  from  auditing  (or
       specified  for  auditing)  with	a  subsequent invocation.  Users already logged into the system when is invoked are unaffected during that
       login session; however, any user who logs in after is invoked is audited or excluded from auditing accordingly.

WARNINGS

       HP-UX 11i Version 3 is the last release to support trusted systems functionality.

AUTHOR

       was developed by HP.

FILES

       File containing flags to indicate whether users are audited.

SEE ALSO

       audevent(1M), userdbset(1M), setaudproc(2), audswitch(2), audwrite(2), security(4), userdb(4), audit(5).

								  TO BE OBSOLETED							audusr(1M)
All times are GMT -4. The time now is 07:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy