Date:      Sun, 18 Jun 2006 21:24:20 -0400
From:      David Scheidt <dscheidt@panix.com>
To:        Lawrence Horvath <lordsporkton@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: syslog all commands
Message-ID:  <20060619012420.GA20345@panix.com>
In-Reply-To: <a1bf75ae0606181806j11a37al719f745c7b43674c@mail.gmail.com>
References:  <a1bf75ae0606181806j11a37al719f745c7b43674c@mail.gmail.com>

On Sun, Jun 18, 2006 at 06:06:45PM -0700, Lawrence Horvath wrote:
> Date: Sun, 18 Jun 2006 18:06:45 -0700
> From: Lawrence Horvath <lordsporkton@gmail.com>
> To: freebsd-questions@freebsd.org
> Subject: syslog all commands
> 
> I'm looking for a way to syslog all commands run by a group of users. I
> was looking at the authpriv.debug but it doesn't log _every_ command.
> Is there any other way to syslog all the commands run by a user?
> 

Is process accounting good enough?  It'll record the name of the
commands run by all users, what terminal they were run from, how much
cpu time they used, and start and stop times.  

See the man pages for acct(5) and lastcomm(1).  It's turned on by
setting accounting_enable="YES" in /etc/rc.conf, and running
/etc/rc.d/accounting start

David
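
Added example, not part of the original message: a sketch that filters lastcomm(1) output for a set of users and forwards each record to syslog with logger(1), which connects process accounting back to the original question. The account names, the syslog tag and the sample lines are constructed, and the column order (command, flags, user, tty, CPU time, start time) is an assumption about lastcomm's default output.

```shell
#!/bin/sh
# Forward process-accounting records for selected users to syslog.
# Assumption: each lastcomm line is "command flags user tty cpu secs start-time".
# Accounting stores command names only, so arguments never appear here.

WATCHED_USERS="alice bob"   # hypothetical account names to audit

# Constructed sample of lastcomm-style output, for offline testing.
sample_lastcomm() {
cat <<'EOF'
ls               -       alice    ttyp0      0.002 secs Sun Jun 18 21:20
sshd             -F      root     __         0.010 secs Sun Jun 18 21:19
vi               -       bob      ttyp1      0.120 secs Sun Jun 18 21:18
make             -       carol    ttyp2      1.500 secs Sun Jun 18 21:17
EOF
}

# Read lastcomm-style lines on stdin and print one syslog-ready message
# per record owned by a watched user. Lines that do not match the assumed
# layout (fewer than 6 fields, or no "secs" marker) are skipped.
format_records() {
    awk -v users="$WATCHED_USERS" '
        BEGIN { n = split(users, u, " "); for (i = 1; i <= n; i++) watch[u[i]] = 1 }
        NF >= 6 && $6 == "secs" && ($3 in watch) {
            start = $7
            for (i = 8; i <= NF; i++) start = start " " $i
            printf "user=%s tty=%s cmd=%s flags=%s cpu=%ss start=\"%s\"\n",
                   $3, $4, $1, $2, $5, start
        }'
}

# Send each formatted record to syslog; "acct" is a hypothetical tag.
ship_to_syslog() {
    format_records | while IFS= read -r msg; do
        logger -p auth.info -t acct "$msg"
    done
}

# Run as "script ship" on a host with accounting enabled.
if [ "${1:-}" = "ship" ]; then
    lastcomm | ship_to_syslog
fi
```

Each run re-reads the whole accounting file, so a scheduled job needs to deduplicate or read a rotated file to avoid logging the same record twice.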
