[syslog-ng] Log all user commands
ian at acces.co.jp
Mon Oct 19 11:13:55 CEST 2009
> On Mon, 2009-10-19 at 17:42 +0900, Ian Masters wrote:
>> I'd like to know if it's possible to log the commands of all users logged into a
>> system using syslog-ng.
>> I googled and looked through the man pages for syslog-ng and syslog-ng.conf but
>> I didn't find anything useful.
>> Thanks in advance for your help.
> I do not think it is a syslog-ng related problem. Your OS must log all
> the user commands. Syslog-ng just collects them. But you have forgot to
> tell the OS version. (From this point it is offtopic I think.) If you
> use Linux I advise to install auditd and set up correctly. I use ubuntu.
> If auditd is installed, but not running the kernel will log to /dev/log.
> You just need to set up correctly the rules of auditing. Please see the
> auditctl command how to set it.
Thanks very much for your super fast reply.
My system is Solaris 10, but I think you are right. From here, it's OT.
More information about the syslog-ng