Logging in linux terminal

Logging terminal commands

Assuming you’re doing this for security purposes, take a look at process accounting. You didn’t say which UNIX variant you’re on, but for Linux, take a look at http://www.gnu.org/software/acct/ Beware that you will generate a lot of data, as process accounting writes data about every command run system wide (it’s a kernel feature). Your distro probably has the utilities already; in Debian check the ‘acct’ package.

If you’re just trying to log what you did so you can go back and look at it later, script (as in the other answer) or screen (with -L) will provide a better solution. However, they will not work for security auditing because it’s trivial to bypass them: just run a shell script. Also, line editing makes a royal mess of the files. Curses apps (like, say, a text editor) are even worse.

Also, if you force your users through e.g., script, you may wind up capturing information (e.g., email messages) which it may be illegal for you to intercept.

One more option — sudosh or other equivalents. Not sure that they provide much benefit compared to script, but probably worthy of mention.

Process accounting is the way to go, despite it sucking up lots of disk space. It’s not something I’d leave running unless you have a very grunty box but it’s very useful for problem solving since it basically tracks every process, a claim the simpler “snapshot of ps” tools can’t match.

You basically turn it on with accton /var/account/pacct and the kernel then writes details of every process that exits, including:

  • process name (not args, unfortunately).
  • start time.
  • elapsed time.
  • user and system CPU times.
  • exit code.
  • memory, I/O, fault and swap statistics.
  • process ID.
  • parent process ID.

You shut it down with a naked accton so all you people who laughed at Windows for using a Start button to shut down, HAH !! 🙂

There are two variants of records that can be logged, v1 and v3 — make sure you’re using the latest process accounting software and v3 records as they hold more useful information. The /usr/include/linux/acct.h file shows what you can get from there.

The records are all fixed size (regardless of version) and easy to process.

We’ve just recently finished a Linux agent for our performance monitoring software — I thought I’d jot this down while it’s still fresh in my memory.


One thing to watch out for are the comp_t fields — these are actually a weird exponent/mantissa type for holding a large range of values in 16 bits — the algorithm is pretty simple for turning it into a long:

Another thing is that some values are in clock ticks, not seconds, so you have to divide by the value returned by sysconf(_SC_CLK_TCK).
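An added example, not code from the original answer: a reader for v3 accounting records that decodes the comp_t fields and converts tick-based times to seconds. The names decode_comp_t, parse_v3 and SAMPLE are chosen here; the field layout is taken from struct acct_v3 in linux/acct.h, a little-endian host is assumed, and the sample record is constructed.

```python
import os
import struct

# struct acct_v3 as laid out in <linux/acct.h>, little-endian host assumed:
# flag, version, tty, exitcode, uid, gid, pid, ppid, btime, etime (float),
# eight comp_t counters, 16-byte command name. 64 bytes per record.
ACCT_V3 = struct.Struct("<BBH6If8H16s")

def decode_comp_t(c):
    """comp_t packs a 3-bit base-8 exponent above a 13-bit mantissa."""
    return (c & 0x1FFF) << (3 * ((c >> 13) & 0x7))

def parse_v3(blob, ticks_per_sec=None):
    """Yield one dict per complete record; tick-based times become seconds."""
    hz = ticks_per_sec or os.sysconf("SC_CLK_TCK")
    for off in range(0, len(blob) - ACCT_V3.size + 1, ACCT_V3.size):
        (flag, version, tty, exitcode, uid, gid, pid, ppid, btime, etime,
         utime, stime, mem, io, rw, minflt, majflt, swaps,
         comm) = ACCT_V3.unpack_from(blob, off)
        if version != 3:
            raise ValueError(f"offset {off}: version byte {version:#x}, expected 3")
        yield {
            "comm": comm.split(b"\0", 1)[0].decode("ascii", "replace"),
            "pid": pid, "ppid": ppid, "uid": uid, "exitcode": exitcode,
            "start": btime,
            "elapsed_s": etime / hz,
            "user_s": decode_comp_t(utime) / hz,
            "sys_s": decode_comp_t(stime) / hz,
            "minflt": decode_comp_t(minflt),
        }

# Constructed sample record (not real accounting data): "mysql", pid 4242,
# 250 ticks elapsed, 12 user ticks, 3 system ticks, minflt = 1093 * 8**2.
SAMPLE = ACCT_V3.pack(0, 3, 0, 0, 1000, 1000, 4242, 4200, 1700000000, 250.0,
                      12, 3, 0, 0, 0, 0x4445, 0, 0, b"mysql")

if __name__ == "__main__":
    for rec in parse_v3(SAMPLE, ticks_per_sec=100):
        print(rec)
```

Because every record has the same size, a truncated trailing record is simply skipped, and a version byte other than 3 stops the parse instead of producing misaligned fields.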


How to Use Linux Logger Command

In UNIX and Linux-type operating systems, the log is a file that records each action of the operating system. Whenever a user logs in to the system, it saves the record in the log file. It also allows the user to add any content to the file.

For this, “logger” is the command-line tool that provides a shell command interface and gives the user an easy way to add entries to the /var/log/syslog file.

The syntax of this command-line utility is:

How to Use logger Command with Options:

The “logger” command is a pre-built tool in Linux systems. Using this command, users can perform various functions with different options:

The syslog file plays an important role in Linux distributions as it stores all the log data in the /var/log directory.

To view the syslog file in the terminal, execute the following tail command:

Specify the syslog Lines:

The “tail” is used to capture the record from syslog files and print it in the terminal. By default, when a tail command is executed, it prints the last 10 log lines of a file. But we can also specify the number of log lines to print:

Add log into syslog file:

Add any comment in the syslog file through the “logger” command without passing any option.

Run the “tail” command to print it on the terminal:

Log “who” Command:

The “logger” command can also be used to add the standard output of any command. Type the “who” with logger command to add it in the syslog file:

Display it with the tail command:

Log Specified File:

The “logger” command allows the user to add the content of a specified file into the syslog file using the “-f” option.

Let’s create a file named “test_file1.txt” and add some text to it:

Now, to print the file log in the terminal, execute the given command:

NOTE: In the tail command, tail -2 means that it will print the last two output lines. But if you want to print the detailed output with all the logs, you don’t need to specify the number of lines.

Specify Log Size:

Some log lines can be long strings; use the “--size” option to limit them. Run the “--size” option in the following way:

(In the above command, we added random characters in the log and displayed only the first 12 characters using the size option. tail -1 will print only the last line of the result.)


Ignore Empty Lines:

Use the “-e” option if the file contains empty lines in it. It will remove the blank lines from the file and print the output in the standard way.

For example, add some blank lines in the text file we created:

Run the “-e” option with the file name “test_file1.txt” to remove empty lines:

Display Help:

Type the “--help” option to display the help message about the “logger” command and its options:

Conclusion:

The “syslog” file in every system keeps a record of each action performed by the operating system. There is a “logger” command in the Linux systems that provides an interface to the user to add logs in the “/var/log/syslog” file using the terminal.

In this writing, we have discussed the Linux “logger” command and learned the functionality of its different options through multiple examples.

About the author

Syeda Wardah Batool

I am a Software Engineer Graduate and Self Motivated Linux writer. I also love to read latest Linux books. Moreover, in my free time, I love to read books on Personal development.


How do I log all input and output in a terminal session?

How do I keep logs of all the work done via terminal? For example, I want a record of all the work done on database via terminal.

4 Answers

When you are ready to start recording a log file, type:

Now, until you stop the script, all input and output in the Terminal will be stored in screen.log. When you are done, just type:

Your screen.log file will be stored in the local directory. If you want to redirect it, use an absolute pathname such as ~/screen.log. This will do exactly what you are looking for.

Hi, thanks for the reply. But will this work if I login to the mysql database from the shell using the following sequence: 1) script screen.log 2) mysql -u -p 3) some work on the database 4) exit; I see that the file screen.log is created but it doesn’t contain logs for the database. I’ll share the file asap. Thanks Ankt

It should work with everything running in the console reading from “standard input” (usually your keyboard) and writing to standard output (usually your terminal window). So it should include the mysql command-line client. The man page (man script) even mentions vi (editor).

You may want to try out Asciinema. In addition to just making a recording you get the ability to share it and embed the player on your blog, article or in a conference talk.

I have a better way: use syslog for logging every shell command. This can vary by Linux distribution, but the method will remain the same.

You need to follow some steps:

Step # 1 (Create Syslog service)

# vim /etc/rsyslog.d/bash.conf
local6.* /var/log/commands.log

Step # 2 (Open bashrc and enter below command)

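# vim /root/.bashrc

    # Enable CLI Logging by Mansur 08-12-2016
    # The first field of SSH_CONNECTION is the client address
    whoami="$(whoami)@$(echo $SSH_CONNECTION | awk '{print $1}')"
    # Log the last history entry (leading history number stripped) with its exit status
    export PROMPT_COMMAND='RETRN_VAL=$?;logger -p local6.debug "$whoami [$$]: $(history 1 | sed "s/^[ ]*[0-9]\+[ ]*//" ) [$RETRN_VAL]"'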

Step # 3 (Restart Syslog Service)

Dec 7 22:13:00 validationdb2 mahasan: root@export [13291]: tail -f /var/log/mysql/mysql.log [0]
Dec 7 22:13:09 validationdb2 mahasan: root@export [13291]: ls -lh [0]
Dec 7 22:13:27 validationdb2 mahasan: root@export [13291]: touch test command [0]
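An added example, not part of the original answer: a parser for the /var/log/commands.log line shape shown above that groups commands by shell session and surfaces non-zero exit statuses and lines it could not parse. The names LINE, parse_line and audit are chosen here; the first three sample lines are the ones from the answer and the last two are constructed.

```python
import re
from collections import defaultdict

# Line shape produced by the PROMPT_COMMAND hook above:
#   <timestamp> <host> <tag>: <user>@<origin> [<shell pid>]: <command> [<exit status>]
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s(?P<tag>[^:\s]+):\s"
    r"(?P<user>[^@\s]+)@(?P<origin>\S*)\s\[(?P<pid>\d+)\]:\s"
    r"(?P<cmd>.*)\s\[(?P<status>\d+)\]$"
)

def parse_line(line):
    """Return the fields of one hook-generated line, or None if it does not match."""
    m = LINE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["pid"], rec["status"] = int(rec["pid"]), int(rec["status"])
    return rec

def audit(lines):
    """Group commands by (user, origin, shell pid); collect failures and unparsed lines."""
    sessions, failed, unparsed = defaultdict(list), [], []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)      # keep, so gaps in the record stay visible
            continue
        sessions[(rec["user"], rec["origin"], rec["pid"])].append(rec["cmd"])
        if rec["status"] != 0:
            failed.append(rec)
    return dict(sessions), failed, unparsed

# Lines 1-3 are from the answer; lines 4-5 are constructed for this example.
SAMPLE = """\
Dec 7 22:13:00 validationdb2 mahasan: root@export [13291]: tail -f /var/log/mysql/mysql.log [0]
Dec 7 22:13:09 validationdb2 mahasan: root@export [13291]: ls -lh [0]
Dec 7 22:13:27 validationdb2 mahasan: root@export [13291]: touch test command [0]
Dec 7 22:14:02 validationdb2 mahasan: root@192.0.2.10 [13377]: ls /root/missing [2]
Dec 7 22:14:05 validationdb2 kernel: unrelated message
""".splitlines()

if __name__ == "__main__":
    sessions, failed, unparsed = audit(SAMPLE)
    print(sessions, failed, unparsed, sep="\n")
```

The command field is matched greedily, so only the final bracketed number is read as the exit status and brackets inside the command itself are preserved.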


Linux: Record Terminal Session, Log Shell Output

If you do a lot of sys admin work, or you want a record of your shell session, you can log it to a file. There are several ways to do this.

Set Terminal Scrollback to Unlimited, Copy and Save

One way is to set your terminal to unlimited scrollback, then just select all, copy, paste and save in an editor.

To set unlimited scrollback in gnome-terminal, it’s under menu [Edit ▸ Profile Preferences ▸ Scrolling] tab. If your terminal doesn’t have an unlimited/infinite option, just use a big number.

Then, when you need to save the session, just pull menu [Edit ▸ Select All], then menu [Edit ▸ Copy], then paste it in an editor.

gnome terminal scrollback preference

This is a nice solution, but the problem is that in some dumb terminals, such as the Linux virtual terminal, there is no menu or copy and paste.

Using “script” Command to Log Session

Start logging like this: script ~/session.log

The problems with this solution are:

  • You have to remember to start logging.
  • The saved log isn’t pretty. It contains lots of control sequences, and it also contains man pages. For example, if you start to view a man page and page up and down several times, all of the screen text is logged.
  • The command exit to stop logging is a problem, because sometimes you don’t remember if you started “script” or not, and if you type exit , it exits your shell, and closes the terminal window, and you lose all data. (whether exit shell or Ctrl + d closes the window/tab depends on your terminal app.)

Using Shell inside Emacs

Best is to use shell inside emacs. That way, you don’t have to worry whether you forgot to start to log it. Just save it to a file anytime.

Start emacs, then call shell to start shell. To save, call write-file. For a detailed tutorial, see: Emacs Shell Tutorial (Bash, cmd.exe, PowerShell).

Add Timestamp to Your Shell Prompt

When logging, it’s good to have a timestamp.
