[sudo-users] Using sudo-io logging to track user activity while using raised privileges
Amelia Nilsson
amelia at linuxchick.se
Wed Oct 5 09:29:37 EDT 2011
Hi sudo users!
I'm new to this list and have been searching the archives for information but haven't found what I was looking for.
I'm using the sudo-io logging to log users activity while using sudo. However, I only need the input data and for security reasons I shouldn't collect and save the output data from commands run with raised privileges. So far so good, by only using the log_input option. I can see that all data is there in the files for the session. Since I don't have any output data I can't use the sudoreplay function to play back a session, but that is fine because that's not the way I want to use this information.
To my question, is there any way to get a nicely formated output containing what commands was run during the session together with timestamps? To me it seems that all data for this is there, but I can't figure out if there's already a built-in way to do this or if someone else have encountered the same problem and hacked something together.
Best regards,
Amelia Nilsson
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the sudo-users
mailing list