HPE Community
Operating System - HP-UX
1834149 Members
2319 Online
110064 Solutions
New Discussion

Re: User Acitivities Monitoring using "script" command

 
J Ramesh Kumar
Advisor

‎05-15-2008 09:07 PM

‎05-15-2008 09:07 PM

User Acitivities Monitoring using "script" command

Hi,

I have a requirement to monitor all the user activities included console output in the HP UX m/c. In other words, all the commands and outputs should be logged between an user logged-in to logged-out.(telnet to exit command). I achieved the same by using script command. I have added the following entry in the /etc/profile file and it is working fine.

. /var/session/bin/MonitorActivities.sh

I have put the MonitorActivities.sh script under the /var/session/bin directory. Herewith, I have attached the same for your quick reference. Every thing working fine, but I have the following 2 issues,

1) As per the attached MonitorActivities.sh script, if an user logged in to the m/c the logging will start and it will continue until he execute "exit" command. Once he trigger exit command, the logged file will be moved to /var/session/upload directory with the extension of ".txt". It is working properly for normal telnet commands. But I have seen huge number of files under the "/var/session/test" directory(test is username). As per the files, there is some operation triggered periodically to monitor system by using the following commands,
- /usr/bin/bdf
- uptime
- /usr/bin/vmstat 1 3
I have seen the following line at the end of log file,
"script done due to signal on Thu May 15 23:23:37 2008"
That means the logging is properly working and script is completed properly. But after completion of the script, the log file movement is not working properly ie, from line 17 of MonitorAct..sh script. Did I miss anything ?

2) I have seen some files are created under /var/session directory with name "-290408_01_41_31". That means, the "/bin/id -unr" command did not return proper user name. What scenario will leads to assign empty string as user name? As a workaround I may check the whether user name is empty or not. But I would like to understand the issue scenario.

Pls refer the attached file which will give you better understanding of the functionality and it will help us to identify the issue.

I greatly appreciate your help on this.

Thanks,
Ramesh
0 Kudos
Reply
1 REPLY 1
J Ramesh Kumar
Advisor

‎05-16-2008 03:24 AM

‎05-16-2008 03:24 AM

Re: User Acitivities Monitoring using "script" command

Hi,

I got the issue. The commands are programatically executed via a CLI api. They first execute "su" command and execute "exit" command. This exit command only for su not entire session. After that they forcefully closed the session via the program. Hence the log movement is not working. If I execute 2 exit commands, it is working fine.

Thanks,
Ramesh
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.