Thursday, August 04, 2011

Command logger

Daca aveti nevoie de o implementare rapida a unui "command logger" sub Linux se poate folosi metoda de adaugare a unei trape in /etc/profile [1].

Modificarea care o propun mai jos evita logarea suplimentara in cazul in care exista definit variabila (de Bash) PROMPT_COMMAND.

  • de adaugat la sfarsitul fisierului /etc/profile
function log2syslog
{
declare a
a=${PROMPT_COMMAND/"$BASH_COMMAND"/change_me}
if [ "$a" = "$PROMPT_COMMAND" ]
then
logger -p local1.notice -t bash -i "$USER:$UID,$EUID:$SSH_TTY:${SSH_CLIENT/ */}:$PWD:$BASH_COMMAND"
fi
}
trap log2syslog DEBUG

In [2] si [3] sunt mentionate si utilitarul snoopy insa, asa cum am gasit dupa instalarea lui, acesta nu logheaza functiile interne Bash [4]. Astfel incat, pentru moment, am ramas la metoda descrisa in acest post.

Bibliografie:
[1] Bash: History to Syslog
[2] Root Level Activity Logging - Take Two
[3] Logging every shell command
[4] Snoopy Forum - Logging bash internal functions

No comments: