Re: User auditing
- From: Bruce Whittaker <bwhittak@xxxxxxxxxxxxx>
- Date: Thu, 10 Aug 2006 09:59:34 +1000
LScheetz@xxxxxxxxxxx wrote on 09/08/2006 22:53:09:
Admins,see it?
I know you can log a user?s history in their home directory ?.
sh_history?. I would like to be able to go back and check what a
specific user did at a specific time. My question is that can I
keep track of this history but keep it somewhere they can?t edit it or
Larry,
.sh_history doesn't have timestamps within the file. But it may be
sufficient for you to run a
script via crontab to copy to copy the users .sh_history file to your own
secret place and put a time
stamp on it. Thus you can see if someone did something naughty and you'll
know they did it between this
time and that - the user will be none the wiser.
If that is not good enough, you may be looking at some shell wrappers
which will execute commands and
log audit trails for you. I don't know the packages that do that though.
Cheers,
Bruce Whittaker.
----------------------------------------------------------------------------------------
This e-mail may contain confidential or privileged information. If you have received it in error, please notify the sender immediately via return e-mail and then delete the original e-mail. EnergyAustralia has collected your business contact details for dealing with you in your business capacity. More information about how we handle your personal information, including your right of access is contained at http://www.energy.com.au.
----------------------------------------------------------------------------------------
- References:
- User auditing
- From: Larry Scheetz
- User auditing
- Prev by Date: Re: Mounting a Windows Share
- Next by Date: Re: How do you set up a X server on AIX?
- Previous by thread: User auditing
- Next by thread: Re: User auditing
- Index(es):
Relevant Pages
|
|
