Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How do you log User commands??
- Thread starter Pacifica
- Start date
KenCunningham
Technical User
If your users are using ksh or another shell which allows the creation of a .sh_history file or similar, you could examine the contents of that file for commands. If needed, you could possibly dump these to another file on a per user basis using a cron job. Be aware that the .sh_history file will only contains commands back as far as $HISTSIZE is set to. HTH.
Annihilannic
MIS
Not that I know of, however if they are using ksh you could collect or monitor the contents of their shell history files (~user/.sh_history), and perhaps increase the value of the HISTSIZE variable in /etc/profile from the default of 128.
I think csh logs the command history in memory, and sh doesn't record any command history at all. Annihilannic.
I think csh logs the command history in memory, and sh doesn't record any command history at all. Annihilannic.
KenCunningham
Technical User
Not to mention type at the same time! Cheers.
I'm not sure about script -s (Don't have the -s flag on AIX or Solaris - what flavor of unix are you using?) but I do know that capturing the output from the HISTFILE variable (that's if it's even set to begin with) won't always work because the user can change the value of the variable if he didn't want his commands logged (ie. redirect to /dev/null or even some other variable). The other factor is the HISTSIZE variable can also be set/changed by the user and potentially could be set to 0 (hence, no logging of commands). This is so, even if the variables are set in the users .profile or in /etc/profile.
The only true, surefire way that I can see to do this is to dive into writing a shell wrapper that will grab input as it is typed by the user. I'm sure there are other, more efficient ways of handling this though.
Regards,
Chuck
The only true, surefire way that I can see to do this is to dive into writing a shell wrapper that will grab input as it is typed by the user. I'm sure there are other, more efficient ways of handling this though.
Regards,
Chuck
The syntax for script on Solaris is script -a file_name
Where file_name is the name of the output file where the terminal info will be stored. Be careful, script captures everything on the terminal so the output file may grow to be very large.
Script is not full proof, you can get out of it by typing exit. Too bad I.T. is not cash business
Luc Foata
Unix sysadmin, Oracle DBA
Where file_name is the name of the output file where the terminal info will be stored. Be careful, script captures everything on the terminal so the output file may grow to be very large.
Script is not full proof, you can get out of it by typing exit. Too bad I.T. is not cash business
Luc Foata
Unix sysadmin, Oracle DBA
- Status
Similar threads
- Locked
- Question