Simpler Navigation for Servers and Operating Systems
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
cancel
Showing results for 
Search instead for 
Did you mean: 

Auditing/monitoring user input

MAD_2
Super Advisor

Auditing/monitoring user input

I need to find out if someone can help me regarding how to monitor/audit user input.

Basically, I would like to stay away from turning auditing on, unless someone can help me with the specific events I should be turning on for the specific purpose of monitoring user commands and creation, modification, or deletion of files. Specifically I would like to capture:
- user login
- user log out
- user commands
- user addition/deletion/change of files

I was advised to use "script", however the downfall here is that there is no time-stamp, and I am also interested on time stamps. Furtheremore, we end up with those bogus end or line CR characters recorded while using script and also the comment that Pete Randall presented regarding adding script to /etc/profile.

Here are some other threads I started regarding this subject:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x5ad989dc1dbf1240bef5d48e6b7234d8,00.html

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x416c613d9417d84780f71cb480c47f06,00.html

Any scripts out there, ideas, tools that are not extremely expensive?

Thanks for your comments.
Contrary to popular belief, Unix is user friendly. It's just very particular about who it makes friends with
1 REPLY
MAD_2
Super Advisor

Re: Auditing/monitoring user input

OK, I thought I bring to the top to give it a second chance and see if anyone can share some ideas regarding this subject.

In addition to the accounts monitoring/auditing, I have been making progress on system performance monitoring and setup the Big Brother application... Really nice. Now I am thinking about implementing "Big Sister" too (http://bigsister.graeff.com/), but I am finding some problems:

1. I have one Unixware 7.x and 1 SunOS 5.5.1 (neither has gcc or make installed) that I have set up as clients, but the only components monitored at this time are the newtork components, since I have not been able to successfully set them up as clients.
2. I don't seem to be able to get into any site where I can download software for Unixware (I guess their websites are being attacked or something).
3. I also need a few other components before I can proceed (it appears the only systems I can do something about are my 2 HPs)

Thanks for any help!
Contrary to popular belief, Unix is user friendly. It's just very particular about who it makes friends with