Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
By default Linux distributions do not come with a perfect audit trail configured out of the box. So until you configure one (audit service, LoggedFS, rootsh, etc, etc) there'll be only inode meta data (see 'man stat'), users shell history (if any) or application "recent files" functionality (if any), none of which should be taken as complete or authoritative.
By default Linux distributions do not come with a perfect audit trail configured out of the box. So until you configure one (audit service, LoggedFS, rootsh, etc, etc) there'll be only inode meta data (see 'man stat'), users shell history (if any) or application "recent files" functionality (if any), none of which should be taken as complete or authoritative.
cool , I found the application "LoggedFS" but now I tried to understand couple things..
where do the logs are going? (where I can find them)?
is it possible that it will go into CSV file?
can I filter to see only "READ" ?
and how can I configure on what places it will monitor? is it possible to monitor "everything" ? all partitions etc?
i just came from windows and I don't know nothing about linux ! so complicated HAHA all these terminal commands !
where do the logs are going? (where I can find them)? (..) can I filter to see only "READ" ?
and how can I configure on what places it will monitor? is it possible to monitor "everything" ? all partitions etc?
Please (download the source and) read its documentation.
Quote:
Originally Posted by unnamed1
is it possible that it will go into CSV file?
There actually is a fork called "loggedfs-csv" ;-p
One day I ma gonna Detroit to bigga hotel. I go down to breakfast.
I tella the waitress I wanna two pissis toast. She bring me only one piss.
I tell her I wanna two pisses. She say go to the toilet.
I say you no understand, I wanna two piss onna my plate.
She say you better no piss onna plate, you sonnovabitch.
I don't even know the lady and she calls me a sonnovabitch!
Later I go to eat at the bigga restaurant.
The waitress she bring me a spoon and knife but no fock I tell her I wanna fock.
She tell me everyone wanna fock. I tell her you no understand, I wanna fock onna table.
She say you better no fock onna table, you sonnovabitch.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.