A record of all user logins and operation log under Linux
Generally, we can use the command to view the history records of user actions, but this command does not record user login operation which can not record detailed operating time, and incomplete; it is caused by misuse of important data is lost, it is difficult who found the operation.
Here we are to achieve record operating logs the user's login script code by:
Edit / etc / profile file and add the following code to the end of the file:
[root @ telecom225 /] # vi / etc / profile
history
USER=`whoami`
USER_IP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
if [ "$USER_IP" = "" ]; then
USER_IP=`hostname`
fi
if [ ! -d /var/log/history ]; then
mkdir /var/log/history
chmod 777 /var/log/history
fi
if [ ! -d /var/log/history/${LOGNAME} ]; then
mkdir /var/log/history/${LOGNAME}
chmod 300 /var/log/history/${LOGNAME}
fi
export HISTSIZE=4096
DT=`date +"%Y%m%d_%H:%M:%S"`
export HISTFILE="/var/log/history/${LOGNAME}/${USER}@${USER_IP}_$DT"
chmod 600 /var/log/history/${LOGNAME}/*history* 2>/dev/null
Note: / var / log / history log which is located in a position, can be customized.
At / var / log / history name to each user will create a new folder,
[@ telecom225 the root /] # CD / var / log / history /
[root@telecom225 history]# ll total 20 d-wx------ 2 test dennishan 4096 Jul 4 12:06 test d-wx------ 2 jerryhe jerryhe 4096 Jul 4 14:12 jerryhe
Every time the user exits this time it will have to operate user name, login IP, time of file, which contains the user
[root @ telecom225 history] jerryhe # cd / [root @ telecom225 jerryhe] ls [email protected]_20130626_14: 59: 51 [email protected]_20130628_14: 40: 26 [email protected]_20130703_09: 44: 21 jerryhe @ 180.173.188.252_20130703_11: 18: 40 [email protected]_20130703_11: 21: 11 [email protected]_20130703_14: 21: 49 [email protected]_20130703_14: 30: 48 [email protected]_20130704_13: 37: 19
来源: https://www.cnblogs.com/nulige/p/7607464.html
Generally, we can use the command to view the history records of user actions, but this command does not record user login operation which can not record detailed operating time, and incomplete; it is caused by misuse of important data is lost, it is difficult who found the operation.
Here we are to achieve record operating logs the user's login script code by:
Edit / etc / profile file and add the following code to the end of the file:
[root @ telecom225 /] # vi / etc / profile
history
USER=`whoami`
USER_IP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
if [ "$USER_IP" = "" ]; then
USER_IP=`hostname`
fi
if [ ! -d /var/log/history ]; then
mkdir /var/log/history
chmod 777 /var/log/history
fi
if [ ! -d /var/log/history/${LOGNAME} ]; then
mkdir /var/log/history/${LOGNAME}
chmod 300 /var/log/history/${LOGNAME}
fi
export HISTSIZE=4096
DT=`date +"%Y%m%d_%H:%M:%S"`
export HISTFILE="/var/log/history/${LOGNAME}/${USER}@${USER_IP}_$DT"
chmod 600 /var/log/history/${LOGNAME}/*history* 2>/dev/null
Note: / var / log / history log which is located in a position, can be customized.
At / var / log / history name to each user will create a new folder,
[@ telecom225 the root /] # CD / var / log / history /
[root@telecom225 history]# ll total 20 d-wx------ 2 test dennishan 4096 Jul 4 12:06 test d-wx------ 2 jerryhe jerryhe 4096 Jul 4 14:12 jerryhe
Every time the user exits this time it will have to operate user name, login IP, time of file, which contains the user
[root @ telecom225 history] jerryhe # cd / [root @ telecom225 jerryhe] ls [email protected]_20130626_14: 59: 51 [email protected]_20130628_14: 40: 26 [email protected]_20130703_09: 44: 21 jerryhe @ 180.173.188.252_20130703_11: 18: 40 [email protected]_20130703_11: 21: 11 [email protected]_20130703_14: 21: 49 [email protected]_20130703_14: 30: 48 [email protected]_20130704_13: 37: 19
来源: https://www.cnblogs.com/nulige/p/7607464.html