HPE Community
Operating System - HP-UX
1827293 Members
1598 Online
109717 Solutions
New Discussion

Re: user activity log

 
SOLVED
Go to solution
cch_1
Occasional Contributor

‎01-17-2006 05:52 PM

‎01-17-2006 05:52 PM

user activity log

my system (HPUX) is not a trusted/ audited system.
But i would like to retrieve a user activity log ( other than the shell history file )

Is that any clues or any areas I can trace the user activity ?
thank you.
0 Kudos
8 REPLIES 8
RAC_1
Honored Contributor

‎01-17-2006 05:55 PM

‎01-17-2006 05:55 PM

Re: user activity log

You have very limited options without trusted system/audited system and .sh_history file.

Look at man page of script. But these files grow very fast.
There is no substitute to HARDWORK
0 Kudos
Arunvijai_4
Honored Contributor

‎01-17-2006 05:59 PM

‎01-17-2006 05:59 PM

Re: user activity log

Hello,

You can do it by setting up history command,

In user's .profile, add the following line
HISTFILE=$HOME/.sh_history ; export HISTFILE

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
cch_1
Occasional Contributor

‎01-17-2006 06:04 PM

‎01-17-2006 06:04 PM

Re: user activity log

Thank you. I have already enabled history in my system.

Other than shell history, what can I do in order to trace the user activity in 1-2days ago ?
0 Kudos
Arunvijai_4
Honored Contributor

‎01-17-2006 06:38 PM

‎01-17-2006 06:38 PM

Re: user activity log

Hello,

Check your system log files, /var/adm/syslog/syslog.log , OLDsyslog.log, mail.log.

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Cem Tugrul
Esteemed Contributor

‎01-17-2006 07:20 PM

‎01-17-2006 07:20 PM

Solution

Re: user activity log

Hello,

Here are some links may help to you;

http://forums1.itrc.hp.com/service/forums/bizsupport/questionanswer.do?threadId=218820

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=109749

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=740203

Good luck,
Our greatest duty in this life is to help others. And please, if you can't
Devender Khatana
Honored Contributor

‎01-17-2006 07:26 PM

‎01-17-2006 07:26 PM

Re: user activity log

Hi,

The commands are listed in the history file as mentioned earlier. You can see that and also use history command.

#history -1000

There are no other footprints available by default.

HTH,
Devender
Impossible itself mentions "I m possible"
0 Kudos
Nguyen Anh Tien
Honored Contributor

‎01-18-2006 02:38 PM

‎01-18-2006 02:38 PM

Re: user activity log

each user has his/her own history file. It located at ~.sh_history by default!
HP is simple
0 Kudos
rariasn
Honored Contributor

‎01-18-2006 06:09 PM

‎01-18-2006 06:09 PM

Re: user activity log

Hi cch,

Modify /etc/profile, and add,

DATE=`date +%d_%b_%o_%a_%R:%S`
DEST=`hostname`
ORI=`who -R am i | awk '{print $6}' | cut -c2- | cut -f1 -d ')'`
mkdir -p $HOME/.historicos
HISTFILE=$HOME/.historicos/$DATE.$DEST.$ORI.$LOGNAME.txt
export HISTFILE
HISTSIZE=16384
export HISTSIZE
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.