HPE Community
Operating System - HP-UX
1835962 Members
2185 Online
110088 Solutions
New Discussion

Keeping track on sysadmins activities

 
SOLVED
Go to solution
Mihails Nikitins
Super Advisor

‎01-31-2003 08:54 AM

‎01-31-2003 08:54 AM

Keeping track on sysadmins activities

Hi,

Imagine group of several sysadmins working with many systems. Keeping good and convenient records of changes and jobs is a pain...

Thanks and points in advance for sharing your policies/tools/links!

BR,
Mihails
KISS - Keep It Simple Stupid
0 Kudos
Reply
8 REPLIES 8
Steven E. Protter
Exalted Contributor

‎01-31-2003 09:13 AM

‎01-31-2003 09:13 AM

Solution

Re: Keeping track on sysadmins activities

We have something called the console log.

Its a little forum in the public folder of our Microsoft Exchange server.

All configuration changes are supposed to be recorded there.

Further, we keep records in a paper notebook, especially when the backup is alone,like when I'm on vacation.

Lastly, we archive the root keyboard logs so that we can go back and know who did what to which system.

P
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
John Dvorchak
Honored Contributor

‎01-31-2003 10:51 AM

‎01-31-2003 10:51 AM

Re: Keeping track on sysadmins activities

On all of my systems I have the following in root's .profile:

# sets .sh_hist file to id of user

if [ "`tty`" = "/dev/console" ]
then
REAL=console
else
REAL=`logname`
fi

HISTFILE=$HOME/.sh_$REAL
export HISTFILE
HISTSIZE=10000; export HISTSIZE


Then you can keep tract of everyone that su's to root and on the console as well.
If it has wheels or a skirt, you can't afford it.
Reply
A. Clay Stephenson
Acclaimed Contributor

‎01-31-2003 11:06 AM

‎01-31-2003 11:06 AM

Re: Keeping track on sysadmins activities

Because you may be working on many flavors of UNIX, my approach os to keep things simple. In an agreed upon file location on every box, I keep a simple text file of who, when, and what. Any changes made to that box are noted in the file on that box. When you are making changes to 50 servers, it's a good way to know that a particular box has been done.

The Part B of this is that each admin should keep a log. Mine are simply bound notebooks that span many years. It's amazing how much I learn by simply reading over these things from time to time.

If it ain't broke, I can fix that.
Reply
Mihails Nikitins
Super Advisor

‎02-03-2003 12:26 AM

‎02-03-2003 12:26 AM

Re: Keeping track on sysadmins activities

Hi,

Thanks for the replies. Feedback from other members will also be appreciated.

BR,
Mihails
KISS - Keep It Simple Stupid
0 Kudos
Reply
BLADE_1
Frequent Advisor

‎02-03-2003 01:07 AM

‎02-03-2003 01:07 AM

Re: Keeping track on sysadmins activities

hi mihails,

I guess logging activities are true pains..needs to be clear and disciplined effort. I prefer mails, Centrally stored record XLS sheets and written records especially for backups..

One tool i liked very much and use in my daily monitorying part is WEBMIN...you can download from www.webmin.com...

rgds
nainesh
fortune favours the brave
Reply
Christian Gebhardt
Honored Contributor

‎02-03-2003 02:46 AM

‎02-03-2003 02:46 AM

Re: Keeping track on sysadmins activities

Hi

we have a WEB-Based Application (Discus version 3.10.3), we call it "Knowledge data base".

In this database we have a tree like structure, eg:
Customer --> Application --> machine --> Database

On the machines we have an entry in the .profile:
ttwei=$(tty |cut -d "/" -f 3-)
HISTFILE=/.sh_history_$(who -R |awk -F'[()]' ' $1~t {print $2 } ' t=$ttwei)
export HISTFILE

This gives us a history from the last commands from the different users

Chris

Reply
Yogeeraj_1
Honored Contributor

‎02-03-2003 05:14 AM

‎02-03-2003 05:14 AM

Re: Keeping track on sysadmins activities

hi mihails,

We keep an "Incident log book" that contain all the interventions made on any of our 5 servers (From a simple shutdown to a major upgrade)

Simple and practical.

On top of that we have a small folder in our public folder in our Microsoft Exchange server, which contains a detailed description of any intervention on the server.

Have helped us several times.

Cheers
Yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Reply
harry d brown jr
Honored Contributor

‎02-03-2003 05:33 AM

‎02-03-2003 05:33 AM

Re: Keeping track on sysadmins activities

We have 15 admins for around 400+ HP servers, 10+ AIX servers and close to 100 sun servers.

The task of "watching" them is huge, if not close to impossible, so you have to embellish a little trust. If they come to work in a new Jag, well then you might want to start monitoring them.

We do track what hosts they login to, and each has their own history (.sh_history) files, and that's about where it ends. I guess we could spend a few million dollars to purchase security logging software, but then you have to hire qualified SysAdmins to read over the data, which would be a full time job for about 6 people. If I were a socialist, I'd be all for it, but being that I'm not, there comes a time of "diminishing returns" - how much money do you want to spend to protect how much "money"??





live free or die
harry
Live Free or Die
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.