[sudo-users] Using sudo-io logging to track user activity while using raised privileges

[Amelia Nilsson]

Hi sudo users!

I'm new to this list and have been searching the archives for information but haven't found what I was looking for.

I'm using the sudo-io logging to log users activity while using sudo. However, I only need the input data and for security reasons I shouldn't collect and save the output data from commands run with raised privileges. So far so good, by only using the log_input option. I can see that all data is there in the files for the session. Since I don't have any output data I can't use the sudoreplay function to play back a session, but that is fine because that's not the way I want to use this information.

To my question, is there any way to get a nicely formated output containing what commands was run during the session together with timestamps? To me it seems that all data for this is there, but I can't figure out if there's already a built-in way to do this or if someone else have encountered the same problem and hacked something together.

Best regards,
Amelia Nilsson

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.