Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

COMMAND HISTORY IN SOLARIS

Status
Not open for further replies.
conquersmile

conquersmile

Technical User
Aug 29, 2003
20
AU
Hi friends,

Well i have a slight problem, as you know that the .sh_history file gets overwritten, once you cross the limit of commands.

Basically i want to trace the commands given by a particular user in a specific range of time.

For example, i have logged in solaris using telnet session from many machines,

i want to know the activities performed from each machine, I could get the the IP address and the time also, but i am unable to find what was done during this time from this particular machine
 
Sort by date Sort by votes
You could start by using setting the HISTFILE environment varible to something like HISTFILE=.sh_history$LOGINIP so at least you would know the IP logged in from. If you want more commands saved up the HISTSIZE value. You could get the IP address of the incoming connection by looking at thread60-556806 to get a date stamp in the file, you could just use echo `date` >> $HOME/$HISTFILE perhaps in the .profile

hth

Ken
 
Upvote 0 Downvote
Ken,

That was really helpful, but what if i had not set the HISTSIZE , HISTFILE variables in my .profile.

Well, that is the situation now, I have never set the HISTSIZE in the past, and now i need to track the activities, as mentioned to u, the .sh_history file is already overwritten, but that is also of not much use to me since that does not give the the time and the IP address of a command executed.

I used "last" command to find out , how many machines were used to login using my id. But it does not give me the command history.

Any option where in i can pipe two or more commands to get the required output.

Thanks and Regards,
Padma Swamy
 
Upvote 0 Downvote
Hi,

Try starting "script" at login and ending "script" when logging off.

-Joe
 
Upvote 0 Downvote
Hi padmaswamy,
I believe that unless you have Solaris "Auditing" installed and configured then you may be unlucky, as command history probably is NOT being stored.

Be warned!! Auditing on Solaris (well any system!) will impose an added overhead on both system and administration.

I hope this helps you from chasing your tail around in circles.


Good Luck,
Laurie.
 
Upvote 0 Downvote
Hi,

Additionally, you could have the output file from script e-mailed to you after the user has logged off.

-Joe
 
Upvote 0 Downvote
Hey,

I really got good inputs. And as said, quite unlucky that i may not get the command history, May be writing a starting script and ending script, is the best way to keep a track hereafter.

thanks a lot once again.

Regards,
Padma Swamy
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

arciua
  • Locked
  • Question
SUN Solaris 7: How to pin Workspace Menu?
Replies
0
Views
523
arciua
arciua
austinramsay
  • Locked
  • Question
Solaris 10 install hanging at 3%.. Where to find log file, or ideas?
Replies
1
Views
489
AvayaTier3
AvayaTier3
MauroCMSVR
  • Locked
  • Question
Print as PDF file in Solaris System
Replies
0
Views
402
MauroCMSVR
MauroCMSVR
BOKA
  • Locked
  • Question
Solaris NTP server
Replies
0
Views
390
BOKA
BOKA
thiruram
  • Locked
  • Question
SOLARIS 8
Replies
1
Views
435
SamBones
SamBones

Part and Inventory Search

Sponsor

Back
Top