Re: create a custom logs script of rm command (371 Views)
Reply
Regular Advisor
Aamir14
Posts: 116
Registered: ‎07-04-2011
Message 1 of 6 (411 Views)

create a custom logs script of rm command

Hi,

 

create a custom logs script of rm command

 

many people log to root user and  delete some files.

 

i want to make a script when any user and root user run the RM command

 

its save a logs to any file.

 who run the RM command   

 

Please give me some advice .

 

Thanks

Aamir

 

Advisor
madhucertify
Posts: 21
Registered: ‎09-01-2013
Message 2 of 6 (400 Views)

Re: create a custom logs script of rm command

Hi Aamir,

 

 enable history file.

 

if you want to have records for each user,you have make changes in root .profile file.

 

regards

 

Madhu

 

 

 

 

Regular Advisor
Aamir14
Posts: 116
Registered: ‎07-04-2011
Message 3 of 6 (388 Views)

Re: create a custom logs script of rm command

Hi,

 

I want only rm command logs because many people log in to root user(such as DBA user) and clear 

the history file.

and create a script.and save to some hidden location.

 

Please give me a script or it is a possible.

 

 

Thaks

Aamir

 

 

 

Advisor
madhucertify
Posts: 21
Registered: ‎09-01-2013
Message 4 of 6 (381 Views)

Re: create a custom logs script of rm command

Hi

 

>>because many people log in to root user(such as DBA user) and clear the history file.

 

why DBA user is switching to root ,if it so then there is a security issue.

 

if DBA really wants to use root,grant them the sudo access.

 

 

>>create a script.and save to some hidden location.

 

if people has root access,they can even find and edit hidden location.

 

Frequent Advisor
RJHall
Posts: 33
Registered: ‎05-30-2013
Message 5 of 6 (378 Views)

Re: create a custom logs script of rm command

A couple of thoughts occur: (1) use HIDS and filter on rm actions; (2) set up auditing and post-process the logs to look for deletions.

Regular Advisor
Aamir14
Posts: 116
Registered: ‎07-04-2011
Message 6 of 6 (371 Views)

Re: create a custom logs script of rm command

Hi,

 

Thanks for advice.

 

but my DBA user running software and install Database on /u01 and /u02 mount point.

 

I give the full access of /u02 and /u02 mount point

not to vg00 mount point

 

it is possible DBA users run every single command  on /u02 /u01 mount point.and not to run all mount point.

 

if yes how can give the access.

 

Thanks for advance

aamir

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.