[syslog-ng] Syslog_NG
Gergely Nagy
algernon at balabit.hu
Tue Oct 2 10:52:47 CEST 2012
Munh-Erdene E <munhluu at gmail.com> writes:
> Syslog-Ng server collecting all log of that clients. But syslog-ng can
> collecting only bash & sh shell logs.
> Can't collect all command log off csh, tcsh ... etc. other shells...
Ah, now I understand what you're trying to do. With a little bit of
searching and reading docs, I found that the following seems to work
with tcsh:
alias precmd 'eval logger -p local5.info "CMDLOG PWD=$PWD \; USER=$USER \; COMMAND=\`history -h 1\`"';
The problem is still unrelated to syslog-ng though, but I hope the above
helps. It results in log lines like the following:
Oct 2 10:51:06 localhost algernon: CMDLOG PWD=/home/algernon/src/syslog-ng ; USER=algernon ; COMMAND=echo Hi! This is from tcsh! WHEE!
On the other hand, this kind of 'logging' is fairly easy to break and is
unreliable in many other ways. I'd strongly suggest you enable process
accounting instead.
--
|8]
More information about the syslog-ng
mailing list