
How to log executed commands in Linux and send them to the server

2025-03-01 Update From: SLTechnology News&Howtos


Shulou (Shulou.com), 06/01

This article explains how to log the commands executed in a Linux shell and send them to a server. Two methods are described below: the first logs each command through syslog as it is executed, and the second writes a user's formatted history to syslog at logout and can optionally forward the log to a remote host.

The first method

The code is as follows:

    # vi /etc/profile

    # set history format: timestamp plus the login source reported by "who am i"
    export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S] [`who am i 2>/dev/null | \
    awk '{print $NF}' | sed -e 's/[()]//g'`] "

    # record every command executed by the shell
    # (PROMPT_COMMAND runs before each prompt; LAST_CMD prevents logging the same entry twice)
    export PROMPT_COMMAND='\
    if [ -z "$OLD_PWD" ]; then
        export OLD_PWD="$PWD"
    fi
    if [ ! -z "$LAST_CMD" ] && [ "$(history 1)" != "$LAST_CMD" ]; then
        logger -t "`whoami`_shell_cmd" "[$OLD_PWD] $(history 1)"
    fi
    export LAST_CMD="$(history 1)"
    export OLD_PWD="$PWD";'

The second method

Step 1: global settings (this is a one-time setting and requires root privileges)

The code is as follows:

    # vi /etc/profile

    # this script is executed when the user logs in

    # set history display format
    export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S] [`who am i 2>/dev/null | \
    awk '{print $NF}' | sed -e 's/[()]//g'`] "

    # clear the current cache when logging in
    echo "" > .bash_history

Step 2: configure each user separately

The code is as follows:

    # source /etc/profile
    # vi /home/user1/.bash_logout

    # this script is executed when the user logs out
    tmpfile="/tmp/`whoami`_history.tmp"

    # record the formatted history in a file
    history > "$tmpfile"

    # read the file and send its contents to syslogd line by line
    # do not try to replace the following code with "history | logger" or "logger -f $tmpfile",
    # otherwise only the first 200 lines will be recorded
    k=1
    while IFS= read -r line; do
        ((k++))    # count the lines sent
        logger -t "`whoami`_shell_cmd" "$line"
    done < "$tmpfile"
    rm -f "$tmpfile"

(repeat the second step if there are other users to monitor)

Step 3: send the log to the remote host (optional)

The code is as follows:

    # vi /etc/rsyslog.conf

    # add the following line; change the IP address to your own log server, or use a domain name
    # @ means UDP, @@ means TCP
    *.* @192.168.0.1

Inadequacies:

1. Commands are not recorded and the log is not sent in real time.

2. To record commands run in terminals under the desktop environment, a restart is required.
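On the log server, records from the first method arrive under a "<user>_shell_cmd" tag as "[cwd] number [time] [source] command"; records from the second method have the same layout without the "[cwd]" prefix. The following is an added example, not part of the original article, that splits both kinds of record into fields. It assumes the traditional syslog file layout ("Mon DD HH:MM:SS host tag: message"); the function name parse_shell_cmd and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): parse "<user>_shell_cmd" syslog records.
# Assumes the traditional file layout "Mon DD HH:MM:SS host tag: message".
TAB=$(printf '\t')

# The tag is read from the fixed header position at the start of the line,
# not searched for inside the logged command text.
HDR='^.{15} [^ ]+ ([^ :[]+)_shell_cmd(\[[0-9]+\])?: '
# Optional "[cwd]" (first method only), history number, optional "*" for a
# modified entry, then the two HISTTIMEFORMAT fields and the command.
BODY='(\[([^]]*)\])? *([0-9]+)\*? +\[([^]]*)\] \[([^]]*)\] (.*)$'

# parse_shell_cmd: syslog lines on stdin -> TSV rows on stdout:
#   user, cwd, history number, time, source, command
# Tagged records that do not fit the layout are kept as "user UNPARSED raw"
# instead of being dropped; lines with other tags are skipped.
parse_shell_cmd() {
    sed -nE \
        -e "s/${HDR}${BODY}/\1${TAB}\4${TAB}\5${TAB}\6${TAB}\7${TAB}\8/p" \
        -e t \
        -e "s/${HDR}(.*)\$/\1${TAB}UNPARSED${TAB}\3/p"
}

# Constructed sample input (hosts, users and addresses are made up).
SAMPLE='Mar  1 10:00:01 web01 alice_shell_cmd: [/home/alice]  1001  [2025-03-01 10:00:01] [192.168.0.5] ls -la /etc
Mar  1 10:00:02 web01 sshd[811]: Accepted publickey for alice
Mar  1 10:00:09 web01 bob_shell_cmd: [/tmp/a]b]    12  [2025-03-01 10:00:09] [192.168.0.7] id
Mar  1 18:30:00 web01 carol_shell_cmd: 7  [2025-03-01 18:12:44] [192.168.0.9] vi notes.txt'

printf '%s\n' "$SAMPLE" | parse_shell_cmd
```

The third sample line has a "]" inside the directory name, so it does not fit the layout and is emitted as an UNPARSED row for manual review.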
