Enable logging on Linux SSH/SVN server.


We have a linux server that is running SVN repositories, apache, and SSH terminal.  Is there a way to enable logging so we can see which users are accessing the SSH/apache server, accessing/modifying/deleting files, etc, and write the logs to file?  

Thank you
OAC TechnologyProfessional NerdsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

if you use suduers , and give user permission as necessary

and activate log for sudoers, it will write in that log file , which users was doing what

and also have a look at this article


which is related to this http://www.cyberciti.biz/tips/linux-and-unix-interactive-process-and-users-monitoring-tool.html

OAC TechnologyProfessional NerdsAuthor Commented:
How do I use sudoers and activate logging?

Installing sudo

yum install sudo

after sudo installed, then edit : /etc/sudoers file
and add this line :
Defaults        logfile=/var/log/sudo.log"

add a user in /etc/sudoers file to work with sudo command

what is sudo and su command : http://kb.iu.edu/data/amyi.html

some article about sudoers


Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

OAC TechnologyProfessional NerdsAuthor Commented:
This looks like it only logs actions when users use the sudo command.  Is this the case?  If it is, I need something that would log all normal user actions without any other commands on their part.   Thanks for the help
yes, sudo log will write what user has typed in the system but user will have to use sudo command

have you tryed the link i have post whowatch
this information "which users are accessing the SSH/apache server,"  can be easily get by whowatch

but this "accessing/modifying/deleting files, etc, and write the logs to file?   =  do want to get realtime info ??

you can install audit , to see who made changes to a file


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
OAC TechnologyProfessional NerdsAuthor Commented:
Thank you, it looks like audit does what we need.  There seems to be tons of information held in the log file and that makes it hard to read.  ausearch -i works fine when searching for one file, but do you know of a log parser that would make the audit.log file easier to read as a whole?  

Thanks again for all the help
here is some log analyzer
but not sure if one of those are for audit,

i will have  a look at net and will come back to you
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.