SUMMARY: How to capture keystrokes in bash and tcsh

From: Unix Admin <unix.95054_at_gmail.com>
Date: Wed Jun 18 2008 - 12:42:55 EDT
Thanks to Mark Cohen, Crist, Emmanuel, Christopher, Spam, Hike, Kevin and
Mark Devlin for your wonderful suggestions about capturing keystrokes in
bash shell.

Almost everyone suggested to use "script" in one way or other. That is one
way to capture but the cons of this method is that it captures all the
commands output as well.

My need is to capture commands only. I was browsing and found one useful
webpage as listed below:
http://posludio.wordpress.com/2007/11/02/bash-history-to-a-remote-syslog/

After fine tuning of the solution on the above web page, I came out with a
scriptlet in /etc/bashrc:

#-------------------------------------------------------------------------------------------------------
PORT=`who am i | awk '{ print $6 }' | sed 's/(//g' | sed 's/)//g'`
logger -p  local3.debug  -t "bash $LOGNAME $$" User $LOGNAME logged from
$PORT
function history_to_syslog
{
        declare cmd
        declare p_dir
        declare LOG_NAME
        cmd=$(fc -ln -0)
        p_dir=$(pwd)
        LOG_NAME=$(echo $LOGNAME)
        logger -p local3.debug  -- SESSION = $$, USER = $LOG_NAME,
PWD=$p_dir, CMD = \[ $cmd \]
}
trap history_to_syslog DEBUG
#-------------------------------------------------------------------------------------------------------

Now this solution is working fine for me, BUT .... it is capturing
everything "TWICE" :-) It records everything in /var/log/messages file (in
linux platform).

I have no idea why it is logging everything twice. If you come to know, or
have any solution for it,,,, let me know. Else, please treat this as summary
from my side. (If I get any modification, I will post to the list).
Good day!




On Mon, Jun 16, 2008 at 5:17 PM, Unix Admin <unix.95054@gmail.com> wrote:

> I need to capture all command that all users run on a mission critical
> system. In this effort, I want to capture all the keystorkes in bash and
> tcsh shell. Is there any document/guidelines to do so?
>
> I will summarize.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Wed Jun 18 12:44:24 2008

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:11 EST