Monitoring Users

 
SOLVED
Jose Luis
Advisor

Monitoring Users

Thanks everybody for your help. I did know about the .history file, but is there some smarter application with dates, times and user commands?
Thanks
The UNIX world is the tenth planet in the solar system
5 REPLIES
Tony Romero
Advisor

Re: Monitoring Users

Jose,

The only other command I can think of is fc. For instance, you could su to a user's acct and do an fc -l and that would show you the commands that user has executed. Or you could set your system as a trusted system and audit certain users and functions.
Freedom!!!
Arockia Jegan
Trusted Contributor

Re: Monitoring Users

Hi,

If you want to monitor only some special accounts (like root) you can install the sudo software on your system. Don't give the password of the special accounts to anyone, but configure the sudoers file to give them the required access when they use sudo.

When they use sudo to run the commands it will keep all the records (including time, date, action... etc).

Else turn on the auditing..
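
The sudo records described in the reply above carry the date, time, invoking user and command that the original question asks for. As an added example (not part of the thread), this shell function turns them into one line per event; it assumes sudo logs through syslog in its default line format, and the sample lines, host name and user names are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes sudo logs through syslog in its
# default "user : TTY=... ; PWD=... ; USER=... ; COMMAND=..." line format.

# Print one "timestamp|user|run-as|status|command" record per sudo event on stdin.
sudo_report() {
    awk '
    {
        i = index($0, " sudo: ")
        if (i == 0) next                      # not a sudo record
        rec = substr($0, i + 7)
        sub(/^ +/, "", rec)
        c = index(rec, "COMMAND=")
        s = index(rec, " : ")
        if (c == 0 || s == 0 || s > c) next   # e.g. PAM session lines
        user = substr(rec, 1, s - 1)
        head = substr(rec, s + 3, c - s - 3)  # fields between user and COMMAND=
        cmd  = substr(rec, c + 8)             # rest of line, may contain ";"
        runas = "?"
        if (match(head, /USER=[^ ;]+/))
            runas = substr(head, RSTART + 5, RLENGTH - 5)
        status = "ok"
        if (head !~ /^TTY=/) {                # a reason precedes TTY= on refusals
            status = head
            sub(/ ;.*$/, "", status)
            status = "DENIED(" status ")"
        }
        printf "%s %s %s|%s|%s|%s|%s\n", $1, $2, $3, user, runas, status, cmd
    }'
}

# Constructed sample lines (host and user names are made up).
sample_log() {
    cat <<'EOF'
Mar  4 09:12:01 hpbox sudo:   dbadmin : TTY=pts/2 ; PWD=/home/dbadmin ; USER=root ; COMMAND=/usr/sbin/swlist -l product
Mar  4 09:12:40 hpbox sshd[2211]: Accepted password for dbadmin from 10.0.0.5 port 40122
Mar  4 09:15:17 hpbox sudo:   webop : command not allowed ; TTY=pts/3 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/sh -c date; uptime
Mar  4 09:20:55 hpbox sudo:   dbadmin : TTY=pts/2 ; PWD=/home/dbadmin ; USER=oracle ; COMMAND=/usr/bin/ksh
EOF
}

sample_log | sudo_report
```

Feed it the file that syslog.conf routes sudo's messages to. Note that the last sample record only shows a shell being started: whatever is typed inside that shell is not logged by sudo.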

Craig Rants
Honored Contributor
Solution

Re: Monitoring Users

The thing about monitoring commands is that command names can be changed, so don't think of that as truly exact accounting. Anyway you can monitor commands with system accounting, started in /sbin/init.d/acct (read up on it first), and monitor system calls with trusted computing base accounting.

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Martin Johnson
Honored Contributor

Re: Monitoring Users

If you are not using account at this time, make sure you read up on it before you start it up. If you are not careful, you can easily fill up the file system where the log file resides.

HTH
Marty
MANOJ SRIVASTAVA
Honored Contributor

Re: Monitoring Users

Hi Jose


It depends on what level you plan to capture the details at.

1. Like for logging in: we have no direct logins to root and oracle and apps, and people have to log in as their users and then su to the users, hence we capture logs like that.

2. Of course, as you say, .sh_history.

3. You can enable process accounting, and this will create huge log files as to which user ran which command from what terminal; detailed information can be got from this.

You can do a man acct, and the command is /usr/sbin/acct/acctcom


Manoj Srivastava