LogAnalysis
[logs] CanSecWest 2008 CFP (deadline Nov 30,conf Mar 26-28) and PacSec Dojo's Nov 09 2007 04:24AM
Dragos Ruiu (dr kyx net) (1 replies)
[logs] How to log - commands and file access Nov 09 2007 08:25AM
david bigot devoteam com (7 replies)
Re: [logs] How to log - commands and file access Mar 03 2008 07:24AM
Cesare (tensi mclink it)
Re: [logs] How to log - commands and file access Nov 25 2007 12:48AM
Karl Vogel (vogelke pobox com)
RE: [logs] How to log - commands and file access Nov 12 2007 11:37PM
Kurt Buff (KBuff zetron com) (1 replies)
Perhaps http://sourceforge.net/projects/sudosh/ ?

-----Original Message-----
From: loganalysis-bounces (at) loganalysis (dot) org [email concealed] [mailto:loganalysis-bounces (at) loganalysis (dot) org [email concealed]]On Behalf Of david.bigot (at) devoteam (dot) com [email concealed]
Sent: Friday, November 09, 2007 00:26
To: loganalysis (at) loganalysis (dot) org [email concealed]
Subject: [logs] How to log - commands and file access

Hello,

I want to know, for a customer, how to log automatically on UNIX and Linux systems:
- all commands executed (in BASH, ZSH & co ...). I know about the file ~/.(ba)sh_history but I prefer a global file or through syslog.
- all file access by process and username in real-time (not static) or, if it's not possible, which process and username access some files (or directories) like /etc/shadow, /data/ ...

Regards,
----------------------------------------------------------------------
David Bigot - Security Consultant
Apogée Communications - Groupe DEVOTEAM
86, rue Anatole France
92300 Levallois-Perret
telephone: ()1.41.49.58.04
email: david.bigot (at) apogee-com (dot) fr [email concealed]

_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis

RE: [logs] How to log - commands and file access Nov 13 2007 10:01PM
David Corlette (dcorlette novell com) (1 replies)
Re: [logs] How to log - commands and file access Nov 13 2007 11:31PM
Matt Cuttler (mcuttler bnl gov)
Re: [logs] How to log - commands and file access Nov 12 2007 02:47PM
Mike Blomgren (mike blomgren tornado se) (1 replies)
Re: [logs] How to log - commands and file access Nov 12 2007 03:15PM
david bigot devoteam com (1 replies)
Re: [logs] How to log - commands and file access Nov 13 2007 04:07AM
Anton Chuvakin (anton chuvakin org)
Re: [logs] How to log - commands and file access Nov 09 2007 08:09PM
Anton Chuvakin (anton chuvakin org) (2 replies)
Re: [logs] How to log - commands and file access Nov 10 2007 03:49PM
James B Horwath (Jim_Horwath glic com)
Re: [logs] How to log - commands and file access Nov 10 2007 02:21AM
James Turnbull (james lovedthanlost net)
Re: [logs] How to log - commands and file access Nov 09 2007 07:38PM
Vincent Bernat (bernat luffy cx)
Re: [logs] How to log - commands and file access Nov 09 2007 07:10PM
Stephen John Smoogen (smooge gmail com)


 

Copyright 2010, SecurityFocus