HPE Community
Operating System - HP-UX
1833042 Members
2345 Online
110049 Solutions
New Discussion

Want monitor program

 
kenlo
Advisor

‎04-23-2003 08:29 PM

‎04-23-2003 08:29 PM

Want monitor program

Anyone know what kind of program can monitor user behaviour. For example, log what command user type in the unix sheel.
0 Kudos
Reply
7 REPLIES 7
Radhakrishnan Venkatara
Trusted Contributor

‎04-23-2003 08:41 PM

‎04-23-2003 08:41 PM

Re: Want monitor program

hi,

i think there is an option when u r using trusted systems where u can specify which command should be logged. but i haven't used it.

u can use script command , u can put it the .profile file in the user home directory.

this will log each everything including the results displayed in the particular termimnal.

note:- log file will be huge.

radhakrishnan
Negative thinking is a highest form of Intelligence
0 Kudos
Reply
Balaji N
Honored Contributor

‎04-23-2003 09:13 PM

‎04-23-2003 09:13 PM

Re: Want monitor program

first, why would you want to do that and eat into an user's privacy.


the easiest approach is to give a shell which has history features (csh, ksh, tcsh, etc) and then the set the history size to say 1000 or more and then take a backup of the history file on a regular basis.

hth
-balaji
Its Always Important To Know, What People Think Of You. Then, Of Course, You Surprise Them By Giving More.
0 Kudos
Reply
Michael Tully
Honored Contributor

‎04-23-2003 09:28 PM

‎04-23-2003 09:28 PM

Re: Want monitor program

There is the general '.sh.history' file, but the problem is the user has read/write access to it.
The only foolproof method is to set up system as trusted and you can audit actual events. The only other method is to set up accounting/auditing, but beware of the disk space utilisation. Have a look at the man page for audsys.
Anyone for a Mutiny ?
0 Kudos
Reply
kenlo
Advisor

‎04-23-2003 09:46 PM

‎04-23-2003 09:46 PM

Re: Want monitor program

It is secure unix machine. Just allow few administrators to do some tasks. They also agree to capture the input command for record.
0 Kudos
Reply
Balaji N
Honored Contributor

‎04-23-2003 10:08 PM

‎04-23-2003 10:08 PM

Re: Want monitor program

then ok. go ahead. setup a cron job to copy the history files periodically.

hth
-balaji
Its Always Important To Know, What People Think Of You. Then, Of Course, You Surprise Them By Giving More.
0 Kudos
Reply
Giada Bonfà
Frequent Advisor

‎04-24-2003 03:05 AM

‎04-24-2003 03:05 AM

Re: Want monitor program

hi
try to see user .sh_history or set this feature by inserting:

HISTFILE=/"user home directory"/.sh_history

HISTSIZE=1000 --> number of user cmd that you can see.

export HISTFILE HISTSIZE
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎04-24-2003 03:14 AM

‎04-24-2003 03:14 AM

Re: Want monitor program

Common sense tells one that users should NEVER have access to shell's! They have a job to do and that should be done via applications and these applications should do their own monitoring!

THere is absolutely no valid reason for a "user", and I'm not talking about developers or systems people, I'm talking about "users" to need access to shells. If a "user" thinks they do need access to shells, then you need to modify or create applications to assist them, but by all means they MUST be kept out of shells! It's the first rule of security!

Do you ever get audits.


live free or die
harry
Live Free or Die
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.