Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Track sudo userids

Posted on 2013-05-24
3
Medium Priority
?
380 Views
Last Modified: 2013-06-07
I am trying to see if there is a way to tell what user used sudo to do work on the server. I need to know if there is a log file that has the userid of the person who invoked sudo to make changes in the system.

Thanks
0
Comment
Question by:hsdoctor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 19

Accepted Solution

by:
jools earned 536 total points
ID: 39194325
this is usually logged in /var/log/messages or perhaps /var/log/secure, depends on your distro.
0
 
LVL 20

Assisted Solution

by:simon3270
simon3270 earned 532 total points
ID: 39194685
or /var/log/auth.log (Ubuntu, Arch etc))
0
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 532 total points
ID: 39194737
You can also define the name of the file to which you wish to log transactions in /etc/sudoers.
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question