Bash shell logging technique

0 Comments

In my previous post, Record command lines / terminal sessions on UNIX shell, we have seen the use of ‘script’ CLI to record terminal session on Unix (LINUX) platforms.
There are few other ways to monitor or logging user shell using rootsh, sudosh and ttyrec etc. However, in this post, we will utilize ‘script’ CLI to monitor or logging user’s command line shell. This is useful if you are hesitant to install any third party tool on your Unix box which is often a case in production environments.
It is fairly easy to invoke ‘script’ after user logs in. Just put following entry (colored in orange) in ‘/etc/profile’ file.
--------------------------Start Of Shell------------------------------------
ts:~# tail /etc/profile             test -x /usr/bin/faillog && /usr/bin/faillog
        fi
    fi
esac
/usr/bin/script –a  /path/to/your/$USER.txt 2>&1
exit
#
# End of /etc/profile
#
ts:~# --------------------------End Of Shell------------------------------------
Above Two lines at the end of ‘/etc/profile’ invokes ‘script’ CLI immediately after user logs into the machine and redirecting its logged shell output to “/path/to/your/<YourUserName>.txt file. So whatever user types or displayed at the shell prompt (terminal session) is logged automatically by default.
Be careful while utilizing this technique as once you log out and again login to the machine, your session will also get recorded immediately. So path to the file where terminal session is recorded should be carefully chosen and secured. Path specified above is for example purpose only. Considering this technique is also useful for spying or logging user shell or terminal sessions without requiring any third party tools, people securing their UNIX machines should take note of this point.
Do you use any other method to log your shell? Do let everyone know in comments below.

Note: We at TechSutram take our ethics very seriously. More information about it can be found here.
Mandar Pise Opinions expressed by techsutram contributors are their own. More details
Mandar is a seasoned software professional for more than a decade. He is Cloud, AI, IoT, Blockchain and Fintech enthusiast. He writes to benefit others from his experiences. His overall goal is to help people learn about the Cloud, AI, IoT, Blockchain and Fintech and the effects they will have economically and socially in the future.

No comments:

Post a Comment

    Your valuable comments are welcome. (Moderated)