Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Enable logging on Linux SSH/SVN server.

Posted on 2008-11-18
9
Medium Priority
?
948 Views
Last Modified: 2013-12-16
Hi,

We have a linux server that is running SVN repositories, apache, and SSH terminal.  Is there a way to enable logging so we can see which users are accessing the SSH/apache server, accessing/modifying/deleting files, etc, and write the logs to file?  

Thank you
0
Comment
Question by:OAC Technology
  • 6
  • 3
9 Comments
 
LVL 29

Expert Comment

by:fosiul01
ID: 22987629
if you use suduers , and give user permission as necessary

and activate log for sudoers, it will write in that log file , which users was doing what

and also have a look at this article

http://www.cyberciti.biz/faq/monitor-linux-user-activity-in-real-time/

which is related to this http://www.cyberciti.biz/tips/linux-and-unix-interactive-process-and-users-monitoring-tool.html

0
 
LVL 2

Author Comment

by:OAC Technology
ID: 22988629
How do I use sudoers and activate logging?

Thanks
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 22988804
Installing sudo

yum install sudo


after sudo installed, then edit : /etc/sudoers file
and add this line :
Defaults        logfile=/var/log/sudo.log"

add a user in /etc/sudoers file to work with sudo command

what is sudo and su command : http://kb.iu.edu/data/amyi.html

some article about sudoers

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch09_:_Linux_Users_and_Sudo#The_.2Fetc.2Fsudoers_File

http://edipage.wordpress.com/2008/09/30/quickly-secure-centos-5-by-enabling-sudo-disabling-root-and-limiting-access/
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 2

Author Comment

by:OAC Technology
ID: 22989041
This looks like it only logs actions when users use the sudo command.  Is this the case?  If it is, I need something that would log all normal user actions without any other commands on their part.   Thanks for the help
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 22989073
yes, sudo log will write what user has typed in the system but user will have to use sudo command

have you tryed the link i have post whowatch
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 22989153
this information "which users are accessing the SSH/apache server,"  can be easily get by whowatch

but this "accessing/modifying/deleting files, etc, and write the logs to file?   =  do want to get realtime info ??


0
 
LVL 29

Accepted Solution

by:
fosiul01 earned 2000 total points
ID: 22989213
you can install audit , to see who made changes to a file

http://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html

0
 
LVL 2

Author Comment

by:OAC Technology
ID: 23006384
Thank you, it looks like audit does what we need.  There seems to be tons of information held in the log file and that makes it hard to read.  ausearch -i works fine when searching for one file, but do you know of a log parser that would make the audit.log file easier to read as a whole?  

Thanks again for all the help
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 23007811
here is some log analyzer
but not sure if one of those are for audit,
http://www.linux.org/apps/all/Administration/Log_Analyzers.html

i will have  a look at net and will come back to you
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure Shell (SSH) is a network protocol for secure data communication, mainly used to administer remote Unix / Linux servers via command line. But it also allows the user to open a secure tunnel between a client and a server where he can send any k…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Suggested Courses
Course of the Month15 days, 7 hours left to enroll

575 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question