Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How do you log User commands??

Status
Not open for further replies.
Pacifica

Pacifica

Technical User
Nov 23, 2002
13
DE
Is there a way to log the commands users enter?

If so, can these commands be separated by user, so you know exactly which users ran which commands?
 
Sort by date Sort by votes
If your users are using ksh or another shell which allows the creation of a .sh_history file or similar, you could examine the contents of that file for commands. If needed, you could possibly dump these to another file on a per user basis using a cron job. Be aware that the .sh_history file will only contains commands back as far as $HISTSIZE is set to. HTH.
 
Upvote 0 Downvote
Not that I know of, however if they are using ksh you could collect or monitor the contents of their shell history files (~user/.sh_history), and perhaps increase the value of the HISTSIZE variable in /etc/profile from the default of 128.

I think csh logs the command history in memory, and sh doesn't record any command history at all. Annihilannic.
 
Upvote 0 Downvote
I'm not sure about script -s (Don't have the -s flag on AIX or Solaris - what flavor of unix are you using?) but I do know that capturing the output from the HISTFILE variable (that's if it's even set to begin with) won't always work because the user can change the value of the variable if he didn't want his commands logged (ie. redirect to /dev/null or even some other variable). The other factor is the HISTSIZE variable can also be set/changed by the user and potentially could be set to 0 (hence, no logging of commands). This is so, even if the variables are set in the users .profile or in /etc/profile.

The only true, surefire way that I can see to do this is to dive into writing a shell wrapper that will grab input as it is typed by the user. I'm sure there are other, more efficient ways of handling this though.
Regards,
Chuck
 
Upvote 0 Downvote
The syntax for script on Solaris is script -a file_name
Where file_name is the name of the output file where the terminal info will be stored. Be careful, script captures everything on the terminal so the output file may grow to be very large.
Script is not full proof, you can get out of it by typing exit. Too bad I.T. is not cash business

Luc Foata
Unix sysadmin, Oracle DBA
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

arciua
  • Locked
  • Question
SUN Solaris 7: How to pin Workspace Menu?
Replies
0
Views
528
arciua
arciua
austinramsay
  • Locked
  • Question
Solaris 10 install hanging at 3%.. Where to find log file, or ideas?
Replies
1
Views
492
AvayaTier3
AvayaTier3
tekmhe
  • Locked
  • Question
Using a PC, how to delete files from a Sunblade 150 IDE drive?
Replies
3
Views
315
SamBones
SamBones
egyassun
  • Locked
  • Question
SunOS confusing root directory and user home directory 1
Replies
4
Views
486
egyassun
egyassun
ZahidHaseeb1978
  • Locked
  • Question
Start /SYS on SUN SPARC does not start machine [SUN SPARC ENTERPRISE T-5240]
Replies
0
Views
404
ZahidHaseeb1978
ZahidHaseeb1978

Part and Inventory Search

Sponsor

Back
Top