On Mon, 2009-10-19 at 17:42 +0900, Ian Masters wrote:
Hello
I'd like to know if it's possible to log the commands of all users logged into a system using syslog-ng.
I googled and looked through the man pages for syslog-ng and syslog-ng.conf but I didn't find anything useful.
Thanks in advance for your help.
Hi!
I do not think it is a syslog-ng related problem. Your OS must log all the user commands. Syslog-ng just collects them. But you have forgot to tell the OS version. (From this point it is offtopic I think.) If you use Linux I advise to install auditd and set up correctly. I use ubuntu. If auditd is installed, but not running the kernel will log to /dev/log. You just need to set up correctly the rules of auditing. Please see the auditctl command how to set it.
Peter Thanks very much for your super fast reply. My system is Solaris 10, but I think you are right. From here, it's OT. Thanks anyway. Ian