Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Need help to write a shell script for auditing

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Need help to write a shell script for auditing
# 1  
Old 03-20-2014
Need help to write a shell script for auditing
var/log/secure provides us below information :


Code:
Mar 20 08:07:07 testing sshd[29749]: Accepted password for oracle from 10.51.1.12 port 49239 ssh2
Mar 20 08:07:07 testing sshd[29749]: pam_unix(sshd:session): session opened for user oracle by (uid=0)
Mar 20 08:12:16 testing sshd[29759]: Received disconnect from 10.51.1.12: 11: Disconnect requested by Windows SSH Client.
Mar 20 08:12:16 testing sshd[29749]: pam_unix(sshd:session): session closed for user oracle

but what commands oracle user executed we can not get idea from above information.







/home/oracle/.bash_history provides us information like this about what commands are executed

Code:
cat /u01/up_apps.sh 
cd daily/work
less Auto_Clone.log 
cat Auto_Clone.log 
exit
exit
cat /home/oracle/ashfaq/Auto_Clone/Auto_Clone.sh 
cat /u01/down.sh 
cd /u01/oracle/inst/apps/TESTING_testing/admin/scripts/
./adstpall.sh apps/apps
./adstrtal.sh apps/apps
cat /home/oracle/ashfaq/Auto_Clone/Auto_Clone.sh 
cat /home/oracle/ashfaq/demo/main_exec.sh
cd /home/oracle/ashfaq/demo/
ls -ltr
cat main_exec.sh

but does not tell us that user from which IP or hostname and at
what time executed these commands.



can we create some custom file where we can store all this information in one file with time , ip , user name ( root , oracle , ricky ) and commands
executed by these users ??
Last edited by Don Cragun; 03-20-2014 at 01:47 AM.. Reason: Add CODE tags.
# 2  
Old 03-20-2014
Your approach is not very reliable. The Oracle user could easily delete their Bash shell history before exiting or even during a shell session.

Better to use a shell with a builtin auditing feature such as ksh93. Then every command entered by the user is recorded to a file that the user cannot tamper with. You can also patch Bash to do the same.
# 3  
Old 03-20-2014
please can you guide a bit apply patch on bash.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Please help me to write the shell script

Please help me to write the shell script AC|NAME|STATE|MAXVALUE|MINVALUE---------heading 111|UMA|ODISHA|123,00.00|54.00 111|UMA|ODISHA|124,00.00|25.00 111|UMA|ODISHA|114,00.00|58.00 111|UMA|ODISHA|104,00.00|00.00 111|UMA|ODISHA|194,00.00|19.00 111|UMA|ODISHA|184,00.00|64.00... (5 Replies)
Discussion started by: alokjyotibal
5 Replies

2. Shell Programming and Scripting

How to write config shell script to pass variables in master shell script?

Dear Unix gurus, We have a config shell script file which has 30 variables which needs to be passed to master unix shell script that invokes oracle database sessions. So those 30 variables need to go through the database sessions (They are inputs) via a shell script. one of the variable name... (1 Reply)
Discussion started by: dba1981
1 Replies

3. UNIX for Dummies Questions & Answers

How to write Config shell script to pass variables in master shell script?

Dear Unix gurus, We have a config shell script file which has 30 variables which needs to be passed to master unix shell script that invokes oracle database sessions. So those 30 variables need to go through the database sessions (They are inputs) via a shell script. one of the variable name... (1 Reply)
Discussion started by: dba1981
1 Replies

4. Shell Programming and Scripting

Need to write a shell script

Hi, I need to write a statement which will read a data from a specific line based on condition and then read related lines to delete. For example: |T20150322 100930290 208940000 598000080 700000000 930000202 100000000 .T56789 |T20150322 0100000000 0200000000 0500000000 9000000000... (1 Reply)
Discussion started by: abhi.mit32
1 Replies

5. Shell Programming and Scripting

Need to write a shell script

Hi, I need some help to write a script i need to write script that will count the no of logs generated for the day and specify the logfiles names which is not generated for the day. Default no of log generate per day is 29 if less than 29 logs generated it should specify the perticular logfile... (7 Replies)
Discussion started by: mail.chiranjit
7 Replies

6. Shell Programming and Scripting

how to write shell script

Hi , i need to write a script like this In 1.sh ./test.sh wait(5sec) send ctrl+C to server ./testxxxx.sh first i need invoke test.sh from 1.sh , after wating for some time i need to close the test.sh script & i need to start new script i tried to invoke script... (2 Replies)
Discussion started by: pvr_satya
2 Replies

7. Shell Programming and Scripting

Need to Write Shell Script based off of this shell command

I'm trying to read a bunch of log files and output the lines that contain particular strings. To accomplish this, I've been running the following from the command line: find . -name "*" | xargs grep " " | grep " " > output.txt Two grep statements are needed in case I'm looking for a... (3 Replies)
Discussion started by: Rally_Point
3 Replies

8. Shell Programming and Scripting

I need to write a shell script.

Hi Guys, I need to write a shell script, to which I have getting results from CPU and Memory Utilization. This is to generate automatically through Shell script by running cron job. Is it possible to write it. I am new to this shell scripting. Can you please help me on this ASAP. ... (6 Replies)
Discussion started by: lakshmanrk
6 Replies

9. Shell Programming and Scripting

please Write a shell script

Hi Team, I am unable to write script. please guide me. My rquirement is as given below one file will have three columns with n number of rows like hostname port sid -------- ---- --- sun056 1527 PSP1 sun111 1529 PRP1 sun107 1580 PRD1 the script should... (6 Replies)
Discussion started by: rvrao77
6 Replies

10. Shell Programming and Scripting

need help to write shell script

. I wrote shell script with help to extract data and generate report . I need help to modify that in sub section . Currently I am generating the report in this format Version Name Host Total Number of Fails 10 Animator 45 10 Krachel ... (0 Replies)
Discussion started by: getdpg
0 Replies
Login or Register to Ask a Question