3

As part of the security procedures for our Rails application, we want to have an audit log of the commands that were run from rails console in our production environment.

This audit log should be persisted somewhere, such as a database, a file in an S3 bucket, or similar. If it could be written to the standard rails log, that might be OK too, as we already have a way to persist that.

We're currently hosted on Heroku. Heroku will log the event of firing up a console, but (a) Heroku provides no functionality for logging commands run from an active console, and (b) we'd like a more general-purpose solution.

Are there any pre-existing solutions for this out there?

If there is none, I'm trying to figure out how to monkey-patch IRB or Rails Console.

I've discovered that the data I need is already in 

Readline::HISTORY

but I'm struggling to figure out where/how to hook into it.

Ideally, I'd like to capture each entry as (before?) it is sent to the interpreter, and quickly persist it somewhere (we already have Resque, so that may be a good solution). FWIW, sending the contents of Readline::HISTORY on Kernel.exit seems like it may be unreliable. For example, if a SIGKILL stops the process, then the history contents wouldn't be saved.

Neal Tovsen
  • 55
  • 4
  • Have a look here: http://stackoverflow.com/questions/11137050/rbenv-irb-history-is-not-saving. You can specify a history file. – Damien Roche Jun 03 '14 at 20:19
  • And another relevant link: http://stackoverflow.com/questions/4218940/frequently-flush-irb-history-to-file – Damien Roche Jun 03 '14 at 20:21
  • 2
    Sure, but (a) IIRC, this only writes the file on successful exit, which wouldn't meet my needs, and (b) it wouldn't work on Heroku's ephemeral file system, since the file would be deleted as soon as it was written. – Neal Tovsen Jun 05 '14 at 17:00

0 Answers0