Logging User Activities within Linux with bash scripts

I am just starting to learn the power of bash scripting. So, this script below may not be the best way of doing this, but hear me out. I often find myself trying to figure out what commands I executed in order to accomplish a task in Linux. Sometimes I just get carried away and forget to write things down. Enter my script below:

#!/bin/bash
DATE=$(date +%Y%m%d)
USERNAME=$(whoami)
SHELL=/bin/bash script -q -t 2>/home/$USERNAME/.$USERNAME-console.tlog.$DATE -a /home/$USERNAME/.$USERNAME-console.log.$DATE

 This script grabs the current date and name of the logged on user and creates hidden files that log the commands and output of what the user enters at the command line. The script command above also records separate timing information too. The timing information gives you an idea of how long it took to enter a command.  Save the above script as login.sh and give it executable permissions:

chmod +x login.sh

You will also need to ensure the script is launched when the user drops to a terminal session. This can be done be done by setting the user’s shell to login.sh Of course, you will need the complete path to the script, like /home/user/login.sh

This script can also be useful for logging administrator activities. Granted, the administrator can see the shell script and the logs, it is a step in the right direction. If anyone knows how to improve upon this (especially making it less prone to admin tampering), I would be interested in learning more. You could also use various log collection tools to grab the log files and store them centrally.

Let me hear your thoughts.

This entry was posted in Linux and tagged , , , . Bookmark the permalink.

Leave a Reply