Archives
Archives
| From: | "J. Roeleveld" <joost@××××××××.org> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | Re: [gentoo-user] logging my activity for audits | ||
| Date: | Wed, 12 Sep 2018 15:59:18 | ||
| Message-Id: | 2049951.MmQiK2HnL0@eve | ||
| In Reply to: | [gentoo-user] logging my activity for audits by "Stefan G. Weichinger" |
||
| 1 | On Tuesday, September 11, 2018 12:52:03 PM CEST Stefan G. Weichinger wrote: |
| 2 | > At a customer we were asked to log/protocol all my administrative |
| 3 | > activity for potential audits etc |
| 4 | > |
| 5 | > My admin-work is basically 98% ssh and maybe some additional tasks done |
| 6 | > via virt-manager (logging the work inside the VMs there is another topic |
| 7 | > ... I realize that right now). |
| 8 | > |
| 9 | > Is there a recommended way to track the logs? Specific setup for |
| 10 | > syslog-ng or in my case journald? |
| 11 | > |
| 12 | > Maybe I should setup remote syslog here? |
| 13 | |
| 14 | All, |
| 15 | |
| 16 | This piqued my interest and decided to google a little bit. |
| 17 | Found the following, which might help: |
| 18 | |
| 19 | https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server |
| 20 | |
| 21 | Same method is described in: |
| 22 | |
| 23 | https://serverfault.com/questions/323270/how-can-i-make-bash-to-log-shell-commands-to-syslog |
| 24 | |
| 25 | This will help if all you do is working within bash. If you switch to a |
| 26 | different shell or run scripts, the logging obviously fails. |
| 27 | |
| 28 | Another method might be: |
| 29 | https://www.linuxjournal.com/article/6144 |
| 30 | |
| 31 | This is an older document, but might still be made to work as it uses "process |
| 32 | accounting" which is still in the kernel afaik. |
| 33 | |
| 34 | -- |
| 35 | Joost |
| Subject | Author |
|---|---|
| Re: [gentoo-user] logging my activity for audits | Grant Taylor <gtaylor@×××××××××××××××××××××.net> |