Python script to log name, date, and command of every command users have entered

Question

I want to create a script, possibly in python, open to suggestions, it logs every command typed on the server. so it would log, user, timestamp and command.

Is this possible?

Please see my Bash functions [here](http://stackoverflow.com/a/960684/26428) for some ideas. Note that, like other possible methods, it's not immune to user tampering. — Dennis Williamson, Dec 05 '13 at 15:49

Zeeshan · Accepted Answer · 2013-12-05T10:42:25.623

1 - There could be different approchs to achieve this in Python. This article or this article may help you to log all the commands and then you can do parsing using python.

2 - You can also check Grsecurity to configure Exec logging at kernel level.

3 - Then you can done something like this (simple parsing code):

''A very simple log parser for ssh connections to display IP address and their User name'''

SSH_LOG_FILE_NAME = '/var/log/secure'

for line in open(SSH_LOG_FILE_NAME):
  if "sshd" in line:
    if "Accepted" in line:
      print "Connection is accepted from "
      print "User: ", line.split()[8], "IP: ", line.split()[10]
    if "session closed" in line:
      print "Connection is closed from "
      print "User: ", line.split()[10]

P.S. I think the second one is more easy to follow and shows how to parse it using sed which you can also do it easily in Python once you able to log all the commands.

score 0 · Answer 2 · answered Dec 05 '13 at 14:26

0

Please check ~/.bash_history. This logging could be disabled easy through.

answered Dec 05 '13 at 14:26

neutrinus

1,125
7
18

Python script to log name, date, and command of every command users have entered

2 Answers2