Enable logging on Linux SSH/SVN server.

Hi,

We have a linux server that is running SVN repositories, apache, and SSH terminal.  Is there a way to enable logging so we can see which users are accessing the SSH/apache server, accessing/modifying/deleting files, etc, and write the logs to file?  

Thank you
LVL 2
OAC TechnologyProfessional NerdsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

fosiul01Commented:
if you use suduers , and give user permission as necessary

and activate log for sudoers, it will write in that log file , which users was doing what

and also have a look at this article

http://www.cyberciti.biz/faq/monitor-linux-user-activity-in-real-time/

which is related to this http://www.cyberciti.biz/tips/linux-and-unix-interactive-process-and-users-monitoring-tool.html

0
OAC TechnologyProfessional NerdsAuthor Commented:
How do I use sudoers and activate logging?

Thanks
0
fosiul01Commented:
Installing sudo

yum install sudo


after sudo installed, then edit : /etc/sudoers file
and add this line :
Defaults        logfile=/var/log/sudo.log"

add a user in /etc/sudoers file to work with sudo command

what is sudo and su command : http://kb.iu.edu/data/amyi.html

some article about sudoers

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch09_:_Linux_Users_and_Sudo#The_.2Fetc.2Fsudoers_File

http://edipage.wordpress.com/2008/09/30/quickly-secure-centos-5-by-enabling-sudo-disabling-root-and-limiting-access/
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

OAC TechnologyProfessional NerdsAuthor Commented:
This looks like it only logs actions when users use the sudo command.  Is this the case?  If it is, I need something that would log all normal user actions without any other commands on their part.   Thanks for the help
0
fosiul01Commented:
yes, sudo log will write what user has typed in the system but user will have to use sudo command

have you tryed the link i have post whowatch
0
fosiul01Commented:
this information "which users are accessing the SSH/apache server,"  can be easily get by whowatch

but this "accessing/modifying/deleting files, etc, and write the logs to file?   =  do want to get realtime info ??


0
fosiul01Commented:
you can install audit , to see who made changes to a file

http://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
OAC TechnologyProfessional NerdsAuthor Commented:
Thank you, it looks like audit does what we need.  There seems to be tons of information held in the log file and that makes it hard to read.  ausearch -i works fine when searching for one file, but do you know of a log parser that would make the audit.log file easier to read as a whole?  

Thanks again for all the help
0
fosiul01Commented:
here is some log analyzer
but not sure if one of those are for audit,
http://www.linux.org/apps/all/Administration/Log_Analyzers.html

i will have  a look at net and will come back to you
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.