[logs] Unix privileged access logging
James B Horwath
Jim_Horwath at glic.com
Wed May 16 07:56:13 PDT 2007
One of the items I am struggling with right now is logging Unix privileged
commands (add/deletes/etc). On some flavors of Unix administrative
actions are available via menus as well as the command line. The command
menus provide no method for syslog integration and the menus provide a
convenient tool for staff. The native audit subsystem produces such a
large volume of data, parsing said data is not practical. Although sudo
logs all administrative access, it seems many admins lack the discipline
to use sudo on a routine basis other than to sudo su -.
Are there any tool recommendations?
Thanks in advance,
Jim
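
The gap described in the message above (sudo records each command, but `sudo su -` leaves a single entry for the whole root session) can at least be measured from sudo's own syslog output. This is an added example, not part of the original post; the log lines are constructed, and the function names and shell list are assumptions.

```python
import re

# Constructed sample in sudo's syslog format; hosts, users and times are made up.
SAMPLE_LOG = """\
May 16 07:41:02 host1 sudo:    alice : TTY=pts/3 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/su -
May 16 07:42:10 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/sbin/useradd -m carol
May 16 07:45:33 host2 sudo:    alice : TTY=pts/0 ; PWD=/tmp ; USER=root ; COMMAND=/bin/bash
May 16 07:50:47 host2 sudo:     dave : TTY=pts/2 ; PWD=/home/dave ; USER=root ; COMMAND=/usr/sbin/userdel carol
May 16 07:52:01 host1 sshd[2211]: Accepted publickey for bob from 192.0.2.10 port 50022 ssh2
"""

SUDO_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssudo(?:\[\d+\])?:"
    r"\s+(?P<user>\S+)\s:\s.*?COMMAND=(?P<command>.*)$"
)
SHELLS = {"sh", "bash", "ksh", "csh", "tcsh", "zsh"}  # assumed list; extend per site

def parse_sudo_line(line):
    """Return ts/host/user/command for a sudo record carrying COMMAND=, else None."""
    m = SUDO_RE.match(line)
    return m.groupdict() if m else None

def is_shell_escalation(command):
    """True when the logged command opens a session whose later commands sudo does not log."""
    argv = command.split()
    if not argv:
        return False
    name, args = argv[0].rsplit("/", 1)[-1], argv[1:]
    if "-c" in args:  # one-off command string: still visible in this log line
        return False
    if name == "su":
        return True
    # A shell given a script operand runs that script, not an interactive session.
    return name in SHELLS and all(a.startswith("-") for a in args)

def audit(log_text):
    """Split sudo records into unaudited shell sessions and per-user counts."""
    flagged, per_user = [], {}
    for line in log_text.splitlines():
        rec = parse_sudo_line(line)
        if rec is None:
            continue
        counts = per_user.setdefault(rec["user"], {"shell": 0, "command": 0})
        kind = "shell" if is_shell_escalation(rec["command"]) else "command"
        counts[kind] += 1
        if kind == "shell":
            flagged.append(rec)
    return flagged, per_user

if __name__ == "__main__":
    for rec in audit(SAMPLE_LOG)[0]:
        print(f'{rec["ts"]} {rec["host"]} {rec["user"]} -> {rec["command"]}')
```

The per-user counts show who routinely runs individual commands through sudo and who only uses it to obtain a root shell.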