Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


Search this Thread
Old 02-21-2013, 01:57 AM   #1
LQ Newbie
Registered: Nov 2012
Posts: 9

Rep: Reputation: Disabled
Tracking All session history in one file

Dear All,

I want to keep all the session history in one file,please help me out to configure so.

Here is the test scenario-

Suppose i have three client A,B and C tries to log in to one Server XA there session specific command and Clint IPADDRESS should get logged in one .bash_history or any other file if there.

I tried simple implementation but it didn't work....I don't have much idea about linux please help me out to configure so.

I tried below procedure..


When i set above environment variable it formats the output of "history" command.

$SSH_CLIENT will track client specific IP ADDRESS

Thanks and Regards
Old 02-21-2013, 05:51 AM   #2
LQ Newbie
Registered: Nov 2012
Posts: 9

Original Poster
Rep: Reputation: Disabled
Dear All,

Any one knows to display session specific history.

Thanks in advance

Old 02-21-2013, 01:23 PM   #3
Senior Member
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 2,610

Rep: Reputation: 660Reputation: 660Reputation: 660Reputation: 660Reputation: 660Reputation: 660
I don't believe it will work properly - each bash session will be buffered in history... so whoever is last to logout is the one that will be recorded.
Old 02-22-2013, 01:42 AM   #4
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,401

Rep: Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081Reputation: 2081
Possibly rootsh
Old 02-22-2013, 04:00 AM   #5
Registered: Jul 2011
Location: Milky Way
Distribution: Ubuntu, LFS, Slackware, Fedora
Posts: 205

Rep: Reputation: 20
Originally Posted by monojcool View Post
I want to keep all the session history in one file
i don't think that would be wise...
Old 02-22-2013, 07:17 AM   #6
Senior Member
Registered: Jan 2011
Distribution: Undecided
Posts: 3,813
Blog Entries: 1

Rep: Reputation: Disabled
Originally Posted by monojcool View Post
Any one knows to display session specific history.
cat /home/$user/.bash_history
Old 02-22-2013, 09:18 AM   #7
Registered: May 2001
Posts: 28,187
Blog Entries: 54

Rep: Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143Reputation: 3143
Mainstream Linux distribution installations don't cater for an all-encompassing audit trail out-of-the-box. Like any $LOGNAME-owned files shell history (settings) can be disabled or tampered with and won't show everything (for instance what happens inside a CLI application like a MUA or an $EDITOR). Most that ask such questions never anticipated the question and obviously you can't display what you didn't log before. Next to that bolting measures on should be preceded by verifying any existing modifications first. However the first and overarching aspect is (or should be) to look at the reasons for requiring logging. For example if this is about regulatory compliance then the implementation documentation should tell you what logging is required and how to implement it. Mandatory compliance or other pressing arguments will also help you judge if for example the amount of work involved or the invasiveness of certain solutions are in line with the benefits.

That said realistically speaking there are only a few tools that will help establish a reasonably good audit trail. The first is to send all logging to a well-protected, tamper-proof remote syslog server. Secondly restrict and limit access as much as possible (see for example 'chage', /etc/pam.d/*, /etc/security/* and obviously no "ALL ALL = NOPASSWD" in /etc/sudoers) and ensure logging has the required facility / priority settings. In essence: basic system hardening. RHEL includes SELinux which should be enabled with at least the unmodified targeted policy and it has the audit service which should run with the appropriate (mix of) LSPP, CAPP, NISPOM or STIG rules and enhanced with specific local watches. Session logging can then be done like chrism01 already suggested with Rootsh or a logging shell or using 'snoopy'.

For more information please see and the linked docs / posts it leads to.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache 2.2.3 Session tracking with mod_session produces load error on module load programlight Linux - Server 1 10-24-2011 05:48 PM
detect file deletion on an operating system and trace the file history or activity? lovsis Linux - Security 2 10-19-2010 09:52 AM
tcsh: can you save the history from multiple shells to one history file? BrianK General 2 04-23-2009 06:19 AM
tracking history cmd by other user jenson Linux - Server 2 12-01-2007 09:45 AM
session tracking and logfiles paperdiesel Linux - Software 12 02-19-2006 05:29 PM

All times are GMT -5. The time now is 10:08 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration