[sudo-users] Using sudo-io logging to track user activity while using raised privileges
amelia at linuxchick.se
Wed Oct 5 09:29:37 EDT 2011
Hi sudo users!
I'm new to this list and have been searching the archives for information but haven't found what I was looking for.
I'm using the sudo-io logging to log users activity while using sudo. However, I only need the input data and for security reasons I shouldn't collect and save the output data from commands run with raised privileges. So far so good, by only using the log_input option. I can see that all data is there in the files for the session. Since I don't have any output data I can't use the sudoreplay function to play back a session, but that is fine because that's not the way I want to use this information.
To my question, is there any way to get a nicely formated output containing what commands was run during the session together with timestamps? To me it seems that all data for this is there, but I can't figure out if there's already a built-in way to do this or if someone else have encountered the same problem and hacked something together.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the sudo-users