| 1 |
On 09/11/2018 04:52 AM, Stefan G. Weichinger wrote: |
| 2 |
> Is there a recommended way to track the logs? Specific setup for |
| 3 |
> syslog-ng or in my case journald? |
| 4 |
|
| 5 |
Tracking log files is different than getting things into log files. |
| 6 |
|
| 7 |
By default, shell history is decidedly excluded from system logs. |
| 8 |
|
| 9 |
There are some hacks (that's a generous term) that can (usually) log |
| 10 |
shell history. |
| 11 |
|
| 12 |
> Maybe I should setup remote syslog here? |
| 13 |
|
| 14 |
Remote syslog does have the added advantage of not being on the local |
| 15 |
system that an administrator (presumably) has a full access to. |
| 16 |
|
| 17 |
There is a big difference in logging where an administrator can modify |
| 18 |
said logs verses where they can't. On box is the former, off box is the |
| 19 |
latter. |
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
-- |
| 24 |
Grant. . . . |
| 25 |
unix || die |
Archives