- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Easy yet I cannot answer - Question about HISTFILE
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2003 06:56 AM
12-15-2003 06:56 AM
Here is my setup. I have HP-UX 11i and in each .profile, we specify
For Example
HISTFILE=.sh_history
HISTSIZE=1000
The question is , instead of just BLABLING all commands in a text file and not knowing exactly what time and date they were typed(see example below)
ls
cd /tmp
rm *
cd ..
Is there a way to have it log all commands but with the DATE and TIME each command was used? (see proposed output below)
Mon Dec 15 14:54:13 EST 2003: ls
Mon Dec 15 14:57:26 EST 2003: cd /tmp
Mon Dec 15 14:58:43 EST 2003: rm *
Mon Dec 15 14:59:31 EST 2003: cd ..
It would help us in knowing when commands were launched / executed!
Any help is appreciated! Thanks!!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2003 07:03 AM
12-15-2003 07:03 AM
Re: Easy yet I cannot answer - Question about HISTFILE
In order to accomplish this, you'll need third party software or to write a little routine to process this log into a secondary log.
Someone in itrc may have one.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2003 07:05 AM
12-15-2003 07:05 AM
Re: Easy yet I cannot answer - Question about HISTFILE
The .sh_history file is meant as just a command history file. It is not meant to be used to audit who runs what commands when.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2003 07:32 AM
12-15-2003 07:32 AM
SolutionI once thought of the same thing. To monitor a single user I made a script called tail_hist.sh:
#!/usr/bin/sh
USER_HISTFILE=
tail -1f $USER_HISTFILE| while read line
do
echo $(date) "$line" >>/tmp/copy.hist.user
done
which I then started in the background before the user actually logged on, e.g.:
# ./tail_hist.sh &
When the user logs on, his commands are then duplicated to /tmp/copy.hist.user
It works for a single user, but is difficult to administrate for more than one session. You should also consider the legal aspects.
regards,
John K.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-15-2003 07:56 AM
12-15-2003 07:56 AM
Re: Easy yet I cannot answer - Question about HISTFILE
# Set up logging
HISTFILE=${HOME}/.sh_history_`who am i|awk '{ print $1}'`
date >>$HISTFILE
export HISTFILE
HISTSIZE=500
export HISTSIZE
It time stamps each time one of us admin su's to root and keeps a separate root history for each admin.
Doesn't do it for all commands....
Rgds...Geoff