linux 追加简单审计日志

2022-4-27 夙夜实际技能

mkdir /var/log/historymonitor
echo usermonitor >/var/log/historymonitor/monitor.log
chown nobody:nogroup /var/log/historymonitor/monitor.log
chmod 002 /var/log/historymonitor/monitor.log
chattr +a /var/log/historymonitor/monitor.log

/etc/profile 文件中添加

export HISTORY_FILE=/var/log/historymonitor/monitor.log
export PROMPT_COMMAND='{ date "+%Y-%m-%d %T ##### USER:$USER IP:$SSH_CLIENT PS:$SSH_TTY ppid=$PPID pwd=$PWD #### $(history 1 | { read x cmd; echo "$cmd"; })";} >>$HISTORY_FILE'

之后使用
cat /var/log/historymonitor/monitor.log
查看用户操作日志

标签: Linux

« php文件夹内文件递归获取 | mysql error msg:Index column size too large. The maximum column size is 767 bytes»

我的学习生活记录

linux 追加简单审计日志

分类

存档

链接

搜索