Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 03-28-2011, 01:14 AM   #1
LQ Newbie
Registered: Mar 2011
Posts: 1

Rep: Reputation: 0
Trace of runtime activities in UNIX

I've taken a project to work upon tracing of runtime activities on unix system into a log file. Like, to implement a program which will show the log of everything happened in past, including many requirements, like applications i used (with the time of access), kind of files/directories i opened, closed, created, deleted(with the time), etc.

Please suggest me something to do it in a better way.
Old 03-28-2011, 06:10 PM   #2
Senior Member
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
You can get the source code for the shell(s) used, find the command line parsing section and stick a logging function in there (had to do this once to roll-my-own security logs). This would record every program or utility users executed, but only from the command line, so no record of what they did in, say, a text editor. If I remember correctly, some of the shell programs support logging (I think Korn Shell does, BASH may -- could be wrong about both of those though).

You can also get the secure version of the operating system and turn on the logging (which logs every blasted thing everybody does). Get hold of the vendor to find out about that -- be warned that the secure version are meant for high-security servers and the logs will be mammoth if you turn on everything.

Use Google looking for "secure unix" or possibly "secure linux" and see what turns up.

Hope this helps some.
Old 03-28-2011, 07:48 PM   #3
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.10, Centos 7.5
Posts: 17,575

Rep: Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427Reputation: 2427
For interactive users you may want to look at
This may be a bit over the top, but have a read of the first page (Linux)
If you're looking at Solaris, a lot of the tools mentioned there also apply, but as of Sol 10 we also have DTrace, a very fine tool.

In general though, as mentioned by Tronayne, if you start logging everything, watch out for disk space...


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
trace user activities nagavinodh Linux - Newbie 1 09-07-2009 09:18 AM
How to trace and disable the HTTP TRACE method in Apache 1.3.33 with FreeBSD? SomnathG Linux - Security 1 11-11-2008 10:41 AM
"killed" Message - how to trace/back trace ebinjose Linux - Kernel 1 01-29-2008 07:12 AM
block an IP based on certain activities... piforever Linux - Security 17 04-07-2006 09:46 PM
measuring network activities raees Linux - Software 2 04-24-2005 01:30 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:46 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration