UNIX for Dummies Questions & Answers

Guys i am new in forum and come to ask some help in this. What i want is to log what users are doing. Someone told me to make a script and get the history commands of all users and storage this in a DB. but the problem in this is, i want to log all things. Why this? why my 2 machines is only a gateway to access routers and i need to log, 1- the username he logged in, 2- the router he used telnet and 3 - the username he used to login in router.
plz guys help me with this task...
the machine i have to do this is
SunOS xxxxxx 5.8 Generic_117350-24 sun4u sparc SUNW,Sun-Fire-480R

ty all

There's two or three ways. First, OS auditing can be used, but it's kind of weak, IMHO. Second, there exist programs that create taps into the pty devices, allowing you to monitor what users are doing as they are doing it. Third, You can monitor history files, but users can turn off history, or just do their stuff in secret via perl or sh. Finally, there's snoopy.

Snoopy works by being a shared library that is PRELOADed. It's built for UNIX, but should work as well for Solaris. Snoopy traps the library calls for exec() and sends the command and arguments to syslog. You can find it on sourceforge. I have made some enhancements, but the current author of snoopy is not responding to my patches. You can contact me if you need the updates.

Ty very much Otheus, i am looking now for snoopy, but i have a doubt...
this snoopy can log the username he use in a session with a routers?

Edited:

I am trying to install and i get some errors...
whe i use make this is what i get

gcc -shared -O3 -fomit-frame-pointer snoopy.c -osnoopy.so -ldl
snoopy.c: In function `log':
snoopy.c:74: `LOG_AUTHPRIV' undeclared (first use in this function)
snoopy.c:74: (Each undeclared identifier is reported only once
snoopy.c:74: for each function it appears in.)
make: *** [snoopy.so] Error 1


Sry if this is a simple problem, but i dont know much about unix/linux, i am new with this SO

Look on sourceforge.net. It logs the userid, the command, and any arguments. No environment variables or input from STDIN are logged. So if he does:

Code:

$ telnet 192.168.3.2

you won't be able to tell what username/password he logs in, because it's not part of the command line. To do that, you should enable packet sniffing and customized filters which will get the relevant data for you. See tethereal and shark.

Ty Otheus, i go see what i can do now, any news i come here post