Today saw a super Diao of linux commands, on-screen commands and output results can be fully documented.
I was asked what Diao , not that preservation of historical operating records? I can see it by looking at the log.
No, no, the "complete record" I want to say includes what command is executed in the first few seconds, just like someone is actually operating it! Play it like a video screen, and you can also adjust the playback speed , slow down, speed up, and adjust the speed several times if you want to adjust it several times!
Than the opening of the members still cool right!
What's even cooler is your own server, whoever wants to log in is directly monitored, and every move is clearly seen , is it very enjoyable ! !
In general, the use of script
and scriptreplay
two command in Linux distributions are installed by default.
Recording screen operation
Record
script -t 2>time.file -a scriptfile
After executing this command, any subsequent operations will be recorded.
Among them time.file
is the time sequence record file, which records the commands executed in a few seconds; scriptfile
is the command execution record file, which records which commands are executed. The names of these two files can be customized.
Adding -q, - -quiet
parameters can make the script command run in silent mode, without displaying the script start and exit commands, and the user can completely not notice the screen recording.
like this:
script -q -t 2>time.file -a scriptfile
To stop, just press the key combination to Ctrl+D
end the recording, or execute the exit
command.
$ exit
When there is recording, there will be playback, just like recording a video, just execute the following command, with the timing file first and the command file behind
scriptreplay time.file scriptfile
Add this parameter -d, –divisor number
to adjust the multiple of the playback speed (can be decimal: slow down).
scriptfile
The file records the operation of executing a date command every 1 second, and now it is accelerated 10 times to play and see the effect (unfortunately, some version scriptreplay
commands do not have -d
this parameter):
Simultaneous presentation
-f, - -flush
The cache is refreshed immediately after each operation. If this option is not set, the file will not be written in real time, this function
Use end:
script -f demo
Demo side:
scriptreplay -f demo
But unfortunately, maybe because of version problems, mine has scriptreplay
no -f
parameters.
It does not matter, because the real-time file is written, we usually come to see the log commonly used tail -f
commands directly in the presentation end tail -f demo
to
Record script execution process
Parameters -c, - -command
can execute commands directly, instead of an interactive shell, you can pass in a script directly, like this:
$ script -qa "file.out" -c "/root/hello.sh"
123
234
345
$ cat file.out
Script started on Fri 28 Jun 2019 07:38:55 PM CST
123
234
345
But I think this function is a bit tasteless. It can only record the output but not what commands are executed. What is the difference between it and salted fish?
Don't lie, let us feel a little bit awesome .
Automatically trigger and monitor user login operation and real-time monitoring
Sometimes someone secretly accesses your system remotely, or operation and maintenance personnel remotely operate something, we can set to automatically record what this person did on the system, who caused the trouble, and who should carry it. Clear at a glance!
At this time, as long as the script
command is automatically run at login, we can add it to the shell environment configuration file.
In this way, after any misoperation occurs, the historical records can be found during the investigation.
Friends who are interested in several other ways to start items can see --> Why is my server so slow? Could it be said that it is being mined? .
mkdir -p /var/log/user_record
vi /etc/profile
Append at the end of the file
# 添加登陆时自动记录
script -t -f -q 2>/var/log/user_record/$USER-$UID-`date +%Y%m%d%H%M%S`.time -a /var/log/user_record/$USER-$UID-`date +%Y%m%d%H%M%S`.his
if [ "$SHLVL" = 1 ]; then
exit
fi
Here I have added it to the script in advance, and the monitoring terminal is behind, see the demo
Imagine a few scenarios:
Make a command-line trick video by recording terminal records
Directly share dozens of k record files with friends, you can let your friends experience the feeling of standing next to you and watching your operations
The great god came to help. At this time, there is no time to open the screen recording software, and it is easy to be disgusted by the great god; the operation is as fierce as a tiger , and the rookie can't remember anything (cry) But with this tool, you can start the recording in one second, go back and watch it slowly, and you can play it slowly, so cool.
The steps and complete record of the output of the script, there is no complete script output than more investigation operations, in particular, can not debug the shell.
Monitoring the landing user's every move, no longer afraid to find people to back pot , but their pot will not be thrown out, he found his pot Do not tell anyone!
what? Do you still want to use this to monitor the entered password ?