USB mass storage logs
Hello everyone,
I really appreciate if someone quickly respond my question. Well I am using RHEL v6.3 on my laptop & I want to clear all USB device(Mass storage/Modem/Flash Drive etc.) History from OS which I used in past or in current. I tried to delete all logs from "/var/log" specially messages* but if I run below 2 command I am getting usb results which I connected to my laptop even after deleting /var/log. sudo awk '/usb/ && (/Manufacturer/ || /Product/ ||/Serial/) && !/usb usb/ && !/New USB/' /var/log/messages* sudo awk '/usb/ && /Product/ && !/usb usb/ && !/New USB/' /var/log/messages* |cut -f 8-12 -d ' ' |sort |uniq Please help. |
Quote:
|
Quote:
I am using office Red hat version which is not paid by me and I cant ask them for the same coz its not authorized. How can I turn off a particular system logging if you then pls reply. I agreed logs will be filled but just cleaned the logs and did not plugin any usb device then how come its still showing some old logs, I think there is any other location where logs are also being captured. |
Quote:
Quote:
|
......
|
Quote:
pls tell me about above mentioned 2 commands, how these commands are getting logs even after cleaning logs from messages log file, is there any other location for logs? how can i completely clean my usb logs from RHEL so that no one can track me abut what usb devices I have used in my RHEL. |
Quote:
And your question is a bit suspicious...if you are an administrator, you have root access, and can delete files and disable services...there's no need for you to hide what you've plugged in. If you're not, why are you asking about this? |
Quote:
I am admin of my RHEL but there is a audit, which is coming soon @ my office, thats why I want to clear all logs. disabling all logging is not a good thought. Try above 2 commands in your linux just after cleaning all logs, it will show you some logs which indicating that you have used usb devices in your linux. My only & only question is from where these commands are getting these logs & how? can I delete these logs which is generated by above commands ? |
Quote:
Quote:
I gave you the command above to stop your system logging. I told you that you'd have to disable hardware discovery too. Logs are typically in /var/log, but since you're an admin, you know that some services (like apache), can keep their logs in a separate sub-directory. Quote:
|
Quote:
2. System log daemon: ok with it but what if I delete all logs from /var/logs then it should show clear report, right? 3. what is loratate and where it keeps backup files ? 4. Is there any tool which can clear all logs (hidden or backed up)? |
Quote:
Quote:
Quote:
Quote:
|
Quote:
Still i have not received any relevant ans from you. our conversation is like round n round from the cor. |
Quote:
And again, you need to spell out your words. If this is your company's laptop and you're violating your company policies, it isn't a bad thing if you get caught. If you're a system administrator, you should already know how to stop system logging, where to look for log files, and (most importantly), how to adhere to company data security policies. |
This is definitely against best practices, and almost certainly against
your employment agreement. Closed. |
All times are GMT -5. The time now is 02:41 PM. |