Re: How to log all commands?

• Previous message: Nils Juergens: "Re: How to log all commands?"
• In reply to:(deleted message) Davide Bianchi: "Re: How to log all commands?"
• Next in thread: Dragan Cvetkovic: "Re: How to log all commands?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 31 May 2005 01:46:31 -0700

Davide Bianchi wrote:
> On 2005-05-30, Nekromancer <foo@bar.org> wrote:
> > How can I log all commands (including parameters) typed at any of the
> > virtual terminals in a Linux server?
>
> You could use process accounting, but already the commands are saved
> in the .bash_history files for each user, so just preserving those
> should give you a lot of information (a part for time and date).

I find that .bash_history is not reliable. If I run two or three
xterms, command histories for one or more of them tend to disappear.

I have a similar question, but it's for a non-malicious user:

  want to log each command they use, along with their present working
directory at the time, and the pty/tty the command came from. Helpful
to have the date/time, too.

They won't be executing subshells, turning off history, nulling it,
etc.

Nick Bishop
-----
email replies ignored
-----
Cambodian law: Water guns may not be used in New Year celebrations.
-oOo-

• Previous message: Nils Juergens: "Re: How to log all commands?"
• In reply to:(deleted message) Davide Bianchi: "Re: How to log all commands?"
• Next in thread: Dragan Cvetkovic: "Re: How to log all commands?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]