Bash shell logging technique
In my previous post, Record command lines / terminal sessions on UNIX shell, we saw how to use the ‘script’ CLI to record a terminal session on Unix (Linux) platforms.
There are a few other ways to monitor or log a user's shell, such as rootsh, sudosh and ttyrec. However, in this post, we will use the ‘script’ CLI to monitor or log a user's command-line shell. This is useful if you are hesitant to install any third-party tool on your Unix box, which is often the case in production environments.
It is fairly easy to invoke ‘script’ after a user logs in. Just put the following entry (the ‘/usr/bin/script’ and ‘exit’ lines) in the ‘/etc/profile’ file.
--------------------------Start Of Shell------------------------------------
ts:~# tail /etc/profile
test -x /usr/bin/faillog && /usr/bin/faillog
fi
fi
esac
/usr/bin/script -a /path/to/your/$USER.txt 2>&1
exit
#
# End of /etc/profile
#
ts:~#
--------------------------End Of Shell------------------------------------
The two lines above, at the end of ‘/etc/profile’, invoke the ‘script’ CLI immediately after a user logs into the machine and append the recorded session to the “/path/to/your/<YourUserName>.txt” file. So whatever the user types, and whatever is displayed at the shell prompt (terminal session), is logged automatically by default. The ‘exit’ line ends the login shell once the recorded session finishes, so the user does not drop back into an unrecorded shell.
Be careful when using this technique: once you log out and log in to the machine again, your own session will also be recorded immediately. So the path to the file where the terminal session is recorded should be chosen carefully and secured. The path specified above is for example purposes only. Since this technique can also be used for spying on or logging users' shell or terminal sessions without requiring any third-party tools, people securing their UNIX machines should take note of this point.
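For anyone securing a machine against the point above, here is an added example that is not part of the original post: it scans login scripts for ‘script’ hooks like the one shown in /etc/profile and flags a transcript file that group or other users can access. The function names and the default file list are assumptions, and the `$USER` substitution covers only the path form used in this post.

```sh
#!/bin/sh
# Added example, not from the original post: audit login scripts for
# script(1) recording hooks and check that the transcript is not exposed.

# Print "file:line:text" for each non-comment line that runs script(1).
# Heuristic: 'script' as a command word, bare or with a path; review hits by hand.
find_script_hooks() {
    for f in "$@"; do
        [ -r "$f" ] || continue
        grep -nE '(^|[[:space:];&|(/])script([[:space:]]|$)' "$f" |
            grep -vE '^[0-9]+:[[:space:]]*#' |
            while IFS= read -r hit; do printf '%s:%s\n' "$f" "$hit"; done
    done
    return 0
}

# Print the transcript path passed to 'script -a' on a hook line, replacing a
# literal $USER with the name in $2 (assumption: the path uses only $USER).
hook_target() {
    printf '%s\n' "$1" |
        sed -n 's/.*script[[:space:]]\{1,\}-a[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p' |
        sed "s/\\\$USER/$2/g"
}

# Succeed (0) if group or others hold any permission bit on the path.
is_exposed() {
    perms=$(ls -ld -- "$1" 2>/dev/null | cut -c5-10)
    [ -n "$perms" ] && [ "$perms" != "------" ]
}

# Stand-alone use: scan the files given as arguments, or common login scripts.
[ "$#" -gt 0 ] || set -- /etc/profile "$HOME/.bash_profile" "$HOME/.bashrc" "$HOME/.profile"
find_script_hooks "$@" | while IFS= read -r line; do
    echo "hook: $line"
    t=$(hook_target "$line" "$(id -un)")
    if [ -n "$t" ] && is_exposed "$t"; then
        echo "  transcript readable or writable by group/others: $t"
    fi
done
```

A transcript captures everything shown on the terminal, so a file that fails the `is_exposed` check should be moved to a directory only its owner can read.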
Do you use any other method to log your shell? Do let everyone know in comments below.
Mandar Pise
Opinions expressed by techsutram contributors are their own.
Mandar is a seasoned software professional for more than a decade. He is Cloud, AI, IoT, Blockchain and Fintech enthusiast. He writes to benefit others from his experiences. His overall goal is to help people learn about the Cloud, AI, IoT, Blockchain and Fintech and the effects they will have economically and socially in the future.