Hi, Josh Bitto wrote: > I'm wanting to get an opinion. Would it be a smart play to monitor > /root/.bash_history and log the file to a remote server?
When you come to the conclusion that you want to log the shell history, please check first for any privacy issues: - Are you allowed to do that? - Are your users informed? - How do you deal with scenarios like someone's sensitive data you are definitely not allowed to log and store become part of the history? Are you prepared to remove these data? - If you want a logged shell history for security, be aware that there maybe ways to bypass the log (maybe user can turn it off; maybe user can user sftp to spawn another shell which doesn't log...) -- Regards, Igor _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
