LinuxQuestions.org
Old 03-28-2011, 01:14 AM   #1
ankitspy
LQ Newbie
 
Registered: Mar 2011
Posts: 1

Rep: Reputation: 0
Trace of runtime activities in UNIX


I've taken on a project to trace runtime activities on a Unix system into a log file. That is, to implement a program which will show a log of everything that happened in the past, covering many requirements, like the applications I used (with the time of access), the kinds of files/directories I opened, closed, created, deleted (with the time), etc.

Please suggest something to do it in a better way.
 
Old 03-28-2011, 06:10 PM   #2
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,477

Rep: Reputation: 1020
You can get the source code for the shell(s) used, find the command line parsing section and stick a logging function in there (had to do this once to roll-my-own security logs). This would record every program or utility users executed, but only from the command line, so no record of what they did in, say, a text editor. If I remember correctly, some of the shell programs support logging (I think Korn Shell does, BASH may -- could be wrong about both of those though).

You can also get the secure version of the operating system and turn on the logging (which logs every blasted thing everybody does). Get hold of the vendor to find out about that -- be warned that the secure versions are meant for high-security servers and the logs will be mammoth if you turn on everything.

Use Google looking for "secure unix" or possibly "secure linux" and see what turns up.

Hope this helps some.
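
The shell-level command logging described in post #2, sketched for bash without patching the shell source. This is an added example, not part of the thread or of any project linked in it; the `AUDIT_LOG` path, the `AUDIT_*` variables and the `audit_*` function names are assumptions made for the example.

```shell
# Added example: timestamped per-command log for interactive bash sessions.
# AUDIT_LOG and every audit_* / AUDIT_* name are assumptions for this example.
AUDIT_LOG="${AUDIT_LOG:-$HOME/.shell_audit.log}"

# Build one record: UTC time, user, tty, working directory, command.
# Control characters become spaces so a multi-line command cannot
# forge extra log records.
audit_record() {
    _cmd=$(printf '%s' "$1" | tr '[:cntrl:]' ' ')
    _cwd=$(printf '%s' "$PWD" | tr '[:cntrl:]' ' ')
    _tty=$(tty 2>/dev/null) || _tty="notty"
    printf '%s user=%s tty=%s cwd=%s cmd=%s\n' \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$(id -un)" "$_tty" "$_cwd" "$_cmd"
}

# Append one record; the subshell umask keeps a newly created log private.
audit_log() {
    ( umask 077; audit_record "$1" >> "$AUDIT_LOG" )
}

# bash only: run from PROMPT_COMMAND, logs the newest history entry once.
audit_prompt_hook() {
    _entry=$(HISTTIMEFORMAT='' history 1)
    _num=$(printf '%s\n' "$_entry" | sed -n '1s/^ *\([0-9][0-9]*\).*/\1/p')
    if [ -z "${AUDIT_PRIMED:-}" ]; then
        # First prompt: the entry comes from an earlier session, skip it.
        AUDIT_PRIMED=1; AUDIT_LAST_NUM=$_num; return 0
    fi
    # An empty Enter leaves the history number unchanged: nothing to log.
    [ -n "$_num" ] && [ "$_num" != "$AUDIT_LAST_NUM" ] || return 0
    AUDIT_LAST_NUM=$_num
    audit_log "$(printf '%s\n' "$_entry" | sed '1s/^ *[0-9]*[* ] *//')"
}

# Install the hook only in interactive bash; other shells get the functions.
if [ -n "${BASH_VERSION:-}" ] && [ -n "${PS1:-}" ]; then
    PROMPT_COMMAND="audit_prompt_hook${PROMPT_COMMAND:+; $PROMPT_COMMAND}"
fi
```

Source it from `~/.bashrc`. It records only what is typed at the prompt, and because the user can change `PROMPT_COMMAND`, `HISTCONTROL` or the log file itself, treat the output as a convenience record rather than tamper-resistant audit data.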
 
Old 03-28-2011, 07:48 PM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324
For interactive users you may want to look at http://sourceforge.net/projects/rootsh/.
This may be a bit over the top, but have a read of the first page (Linux) http://www.linux.com/learn/tutorials...-linux-servers
If you're looking at Solaris, a lot of the tools mentioned there also apply, but as of Sol 10 we also have DTrace, a very fine tool.

In general though, as mentioned by Tronayne, if you start logging everything, watch out for disk space...
 
  


All times are GMT -5.