Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Command Logging in SCO

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Command Logging in SCO
# 1  
Old 04-12-2006
Command Logging in SCO
Hello, new user here. I am the "administrator" for a few SCO Unix servers here, but do not have much Unix administration experience other than some basic stuff (don't ask).

Anyway, I have been charged with finding a way to log all users commands for auditing purposes. This includes root. The log file should contain the command that was run, the user that invoked it, and the date and time of execution. Other data may be useful, but is not required. This log file should not be accessible by any users other than root, or they could obviously edit the file if they did something "bad".

I've looked at syslog and don't think it will give me what I need. I've also looked at pacct, but not sure if that works either. Maybe it's a setup issue? I have read through several man pages (syslog, syslogd, syslog.conf, pacct, etc) as well as a few printouts from various sites, but nothing looks like what I'm searching for. I've tried the search here as well and found that pacct seems the closest, but I'm not so sure.

We use Windows boxes running Reflections to telnet into the Unix boxes. Our Corporate office has decreed that we use a script that does log all user commands. To even use this script, we have to set up Reflection icons that will automatically enter the user into this script and then hide the ability to change the settings of the Reflection configuration. The logs from this script are editable (just hidden) and there are too many back-doors (rlogin/ftp/telnet/etc) to bypass it. Too much of a rigamarole for something that really does not work. As I see it, we need OS level logging.

If anyone can point me in the right direction, I would be eternally grateful.

Thanks in advance!
# 2  
Old 04-13-2006
Do some reading on different shells. Many supply a .sh_history for each user which might be a good start for you. Apart from homegrowing your solution, I am sure there are products out there I just don't shop for them Smilie
# 3  
Old 04-13-2006
Sorry, I forgot to say we use the bash shell. I just figured there would be something built-in to the O/S that would do what we are seeking since Unix was designed as a multi-user O/S and all. I have no idea really where to start. We do have the history, but it doesn't have data/time of the executed command, nor who ran it.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

2. Shell Programming and Scripting

Command Logging

I searched the forums for command logging and the user "Driver" seemed to provide a script for logging shell commands with related info like date and time. The subject was "logging command invocations -cmdlog" . I would be interested in this script. Thanks (0 Replies)
Discussion started by: starcraft
0 Replies

3. Shell Programming and Scripting

bash logging al $() command lines

I have been doing a lot more bash on LINUX RedHat and Ubuntu lately, and one thing keeps cropping up intermittently. If I do a $( some-commands ) Command Substitution, the some-commands are logged onto my screen each time they are evaluated. Did I turn on some odd option? It seems to happen just... (13 Replies)
Discussion started by: DGPickett
13 Replies

4. SCO

sco remote logging problem

Hello, I am trying to write log from sco box to a remote host. We already have that setting working for linux server using syslog. With this setting(on LINUX) *.* @remote-host for sco I have this *.debug /usr/adm/syslog *.* ... (3 Replies)
Discussion started by: polestar
3 Replies

5. Shell Programming and Scripting

awk command-logging

hi folks, In the following code, logfile remains empty. log_file="/u/Sc/prav.log.$mon$day" ps -ef | grep "myprocess"| awk -v logfile=$log_file '{ system("date >> logfile") }' can u please help as how to log the date to that logfile. thanks in advance! (3 Replies)
Discussion started by: pravfraz
3 Replies

6. Cybersecurity

Full Command Logging?

I am looking for a really good command logging tool to improve the auditing of my servers. I have previously used snoopy but this is currently a bit flaky and causing serious problems for me, it doesn't look like it's been maintained since 2004, it didn't even want to compile until I added -fPIC... (1 Reply)
Discussion started by: humbletech99
1 Replies

7. Solaris

shell command logging

Does anyone have a simple method of logging all shell commands typed by a user (csh in our case)? - I could enable auditing, but this would be overkill - I could enable process accounting, but AFAIK, this does not log arguments Thanks all. (2 Replies)
Discussion started by: minkie
2 Replies

8. UNIX for Dummies Questions & Answers

Logging command invocations - cmdlog

. (1 Reply)
Discussion started by: Driver
1 Replies

9. UNIX for Dummies Questions & Answers

What is command for logging?

Hi, I am trying to recollect the command used to log a file. We use this command just before starting, say, installation. At the end you get a file capturing the series of commands you used during the course of time and sytems response. Could anybody please help. Thanks, Dasa (3 Replies)
Discussion started by: dtamminx
3 Replies

10. UNIX for Advanced & Expert Users

SSH and command logging

Hi all... I've completed the task of deploying SSH over my 400 servers. I don't know if i'm right or wrong, but ssh doesn't do any command-logging, does it? Is there a app i can use to log all commands passed ( besides the usual .sh_history), whith no modification possible by the user, and how... (2 Replies)
Discussion started by: penguin-friend
2 Replies
Login or Register to Ask a Question