[syslog-ng] Log all user commands
マスターズ イアン
ian at acces.co.jp
Mon Oct 19 11:13:55 CEST 2009
> On Mon, 2009-10-19 at 17:42 +0900, Ian Masters wrote:
>> Hello
>>
>> I'd like to know if it's possible to log the commands of all users logged into a
>> system using syslog-ng.
>>
>> I googled and looked through the man pages for syslog-ng and syslog-ng.conf but
>> I didn't find anything useful.
>>
>> Thanks in advance for your help.
>
> Hi!
>
> I do not think it is a syslog-ng related problem. Your OS must log all
> the user commands. Syslog-ng just collects them. But you have forgot to
> tell the OS version. (From this point it is offtopic I think.) If you
> use Linux I advise to install auditd and set up correctly. I use ubuntu.
> If auditd is installed, but not running the kernel will log to /dev/log.
> You just need to set up correctly the rules of auditing. Please see the
> auditctl command how to set it.
Peter
Thanks very much for your super fast reply.
My system is Solaris 10, but I think you are right. From here, it's OT.
Thanks anyway.
Ian
More information about the syslog-ng
mailing list