• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 470
  • Last Modified:

Logging all the user activities, and commands

Hi All,
   I want to create some sort of Audit Log to audit the users activities, and the commands they are entering on a Sun Solaris system (V.8.0) and generate an audit log for so, and on the other hand the user should not have the previlige to disable the logging for his activity.
    I hope to find any clue soon, as that is threatening my system.
0
A_HASSAN
Asked:
A_HASSAN
3 Solutions
 
ahnbergCommented:
Please study the document published at the following URL to learn about system accounting using Solaris 8.

http://docs.sun.com/app/docs/doc/805-7229/6j6q8svga?a=view
0
 
yuzhCommented:
You can  use -- "bsmconv" -- BSM (Basic Security Module) Auditing, it is installed on your system, but disabled by default, all you need to do is to configure and enable it. Once you get it runing, you can check all the users' command history. (eg use "lastcomm")
man bsmconv
man lastcomm

to learn more details.
http://www.boran.com/security/sp/Solaris_bsm.html
http://docs.sun.com     -- Search for BSM


and
http:Q_10058861.html
0
 
root_startCommented:
Hi A_HASSAN,

Try to read some about it in the sun man pages for: audit -> man audit
There you are going to find some information about the audit command and also other commands.
From Man pages:
=================================================================
SEE ALSO
     bsmconv(1M),   praudit(1M),   audit(2),    audit_control(4),
     audit_user(4), attributes(5)
=================================================================

Also, if you really want to know how audit works in Unix systems, you can check the following link: http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci1004976,00.html

In the following link you will find out how to set up audit http://docs.sun.com/app/docs/doc/805-8057?q=Audit+trail

I hope it helps you. =0)
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now