HPE Community
Operating System - HP-UX
1834884 Members
2457 Online
110071 Solutions
New Discussion

Logging with HP-UX

 
Michael Obershaw
New Member

‎08-24-2005 09:53 AM

‎08-24-2005 09:53 AM

Logging with HP-UX

I would like to perform file and folder access logging for the purposes of monitoring user activity, however i do not want to turn on all Logging. Is there a way I can selectively log access to specific files and folders? Or alternatively only monitor login / logoff and all file and folder access?
0 Kudos
Reply
8 REPLIES 8
Raj D.
Honored Contributor

‎08-24-2005 10:01 AM

‎08-24-2005 10:01 AM

Re: Logging with HP-UX

Hi Michael ,

You can monitor users details , through their command history :

check this
# cat ~username/.sh_history

You can come to know what command ,which file user is accesing.

This is applicable for unix users only.


Cheers ,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Reply
Raj D.
Honored Contributor

‎08-24-2005 10:03 AM

‎08-24-2005 10:03 AM

Re: Logging with HP-UX

And it is very difficult to log file and folder they are accessing.


Rather you can set permission to the files and folder you do not want the user to access, with chown and chmod commands.

Hope this will help ,

Cheers,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Reply
RAC_1
Honored Contributor

‎08-24-2005 10:08 AM

‎08-24-2005 10:08 AM

Re: Logging with HP-UX

Without turning auditing on, it is not possible. Also with auditing, you do not get that much granularity. You can log evenets with it, but not everything.

Other option is to look at .sh_history file of that user. (if it has been set properly.)

There is product called powerbroker (additional $$), that seems to have such feature. Do not know much about it though.

There is no substitute to HARDWORK
0 Kudos
Reply
Raj D.
Honored Contributor

‎08-24-2005 10:27 AM

‎08-24-2005 10:27 AM

Re: Logging with HP-UX

Hi Michael ,

Symark PowerBroker 3.2 for (HPUX) is available.

And Symark PowerBroker provides security and accountability by enabling system administrators to delegate administrative privileges and authorization without disclosing the root password and to grant selective access to UNIX .

You can check out this link , but its ($$) as RAC said,
http://trialware.techrepublic.com/thankyou.aspx?scid=2004&docid=77353&view=77353

But you can try the evaluation copy.

Cheers ,
Raj.



" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎08-24-2005 12:10 PM

‎08-24-2005 12:10 PM

Re: Logging with HP-UX

Hi Michael:

As noted, short of enabling the accounting functions for more detailed logging of user activity, you're not going to obtain too much information.

For a minimum of overhead you have at leat three (3) places you can find basic tracks for users logins. If present, the file '/var/adm/wtmp' records sucessful login sessions (including from "where" and "when"). It's cousin, '/var/adm/btmp' records bad login attempts. Lastly, '/var/adm/sulog' holds a record of switch-user ('su') actions. The three files can be quite useful.

Have a look at the man pages for 'wtmp'. If you want to turn on logging simply 'touch' an empty file. The same apllies for 'btmp'. Correspondingly, to turn off logging, remove the file in question.

Regards!

...JRF...
0 Kudos
Reply
Rick Garland
Honored Contributor

‎08-24-2005 03:40 PM

‎08-24-2005 03:40 PM

Re: Logging with HP-UX

You need to use auditing to watch users this closely.

You can check the HIST file of the users.

Other option, if you can set the permissions and ownerships of these non-OS directories/files so users are forced to use sudo or powerbroker or...

Be very careful with this last option. Could cause more trouble than its worth.

0 Kudos
Reply
Vibhor Kumar Agarwal
Esteemed Contributor

‎08-24-2005 05:28 PM

‎08-24-2005 05:28 PM

Re: Logging with HP-UX

You can also use the "script" option.

Just write in their .profile
scirpt logfile

Later you can grep it for specific folders.
Vibhor Kumar Agarwal
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎08-24-2005 06:45 PM

‎08-24-2005 06:45 PM

Re: Logging with HP-UX

Refer this threads,

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=945609
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=939679

hth.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.