Kudos everyone,

I'm working in a firm specialized in providing banking services. I'm working on a user control mechanism and as part of the mechanism I need an auditing solution. Here are the requirements I have for my system:

1 - Logging all the commands that users enter and preferably storing them on a per-user basis (for instance, the command log for the user "navid" would be stored as "navid.log")
2 - The ability to search for incidents based on user, command or time
3 - The ability to generate reports on a weekly, monthly, ... basis

I've looked into syslog, syslog-ng, ossec and open-audit but I'm really not sure which one to go with. I'll be really grateful if you can shed some light on my limited understanding of this whole thing. I know about solutions such as bash history but it just doesn't seem right. I mean, it's Linux for God's sake. There has to be a better way to do that. And in case it matters, my distro is SuSE Linux Enterprise Server 10 SP 2.

Thanks in advance,
Navid
