On Fri, Nov 12, 2004 at 07:55:51AM -0800, Brian McGrew wrote: > Good morning all, > > I'm sure I'm not the first to want this or even ask but ... You're not and you won't be the last. > We have several RH7.3 boxes and a few Solaris 8 boxes on our NIS > network. Everyone attaches to NFS mounted shares. Several times now, > we've had stuff disappear or get corrupted and no one knows nothing! > > I want to start logging all my users Filesystem commands. From mv, rm, > ls to vi and cp ... Everything! Most especially if they're out in an > NFS Filesystem but it would be nice to log their local Filesystem > accesses as well. Preferably into a MySQL database so I can run > reporting on it. Simply put, you can't, especially not with 7.3. You need a full audit subsystem. I don't know if that's there in FC3 (there's some audit stuff in there) but it wasn't in 7.3. The problem is very, very hard and you won't be logging to a mysql database - at best the logs will get dumped to a flat file. mysql would be massive overhead for this. If your system is busy, expect gigabytes of data per day of audit logs and you'll have a massive effort crunching those logs to do any reporting. Can you tell I've investigated this before? :-( -- Ed Wilts, RHCE Mounds View, MN, USA mailto:ewilts@xxxxxxxxxx Member #1, Red Hat Community Ambassador Program -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
