A
Alex Honold
Hi,
I am involved right now in a project where I have to deliver a
shell logging mechanism (for solaris). The requirements where not
easy to fullfill already at the design level, here's the
requirement list:
- not deamon based (no single point of failure)
- not depending on a specific shell
- has to log only the interactive "login" sessions
(network or console)
- has to work in single user mode too
- stable solution, meaning the ssh gateway's should not
be destabilized by the logging mechanism
- the user can write but not read nor delete the log's
- two log file formats:
1. full session log per user and session
(stdin, stdout and stderr)
2. summary log, for all running sessions
(only timestamped stdin)
- and some more regarding how and where to keep the logs...
We choosed to work with C at the streams level to get wanted
results. It worked pretty well for the full logs, but somehow
I got stock with the summary logs. And here's the problem...
How do I get only the stdin (the commands the user is typing)
each one prependet with the user id and a timestamp when it was
executed from the pseudo-tty stream. The result should look
similar to this:
***
johnd Mon Aug 11 10:39:40 MEST 2003 cd /var/tmp
root Mon Aug 11 10:39:41 MEST 2003 less /etc/syslog.conf
johnd Mon Aug 11 10:39:44 MEST 2003 ls
robc Mon Aug 11 10:39:54 MEST 2003 pwd
miked Mon Aug 11 10:39:54 MEST 2003 op was4 stop
johnd Mon Aug 11 10:39:55 MEST 2003 id
johnd Mon Aug 11 10:39:57 MEST 2003 exit
***
I suppose I should duplicate stdin get is into cannonical
mode and process it line by line, generating a timestamp
and adding the user id. I would need some code examples
if possible.
By the way the logging mechanism is based on a named pipes
construct, that means in the case of the summary log obove
there's a named pipe to which the logger utility writes his
output. Another program will poll the other end of the pipe
for input, read it and write it to the logging facility.
I hope this was not too confusing, don't hesitate to ask
if something is unclear. Time is running out so I would
really apreciate some helpfull hint's as soon as possible.
manythx
Alex
I am involved right now in a project where I have to deliver a
shell logging mechanism (for solaris). The requirements where not
easy to fullfill already at the design level, here's the
requirement list:
- not deamon based (no single point of failure)
- not depending on a specific shell
- has to log only the interactive "login" sessions
(network or console)
- has to work in single user mode too
- stable solution, meaning the ssh gateway's should not
be destabilized by the logging mechanism
- the user can write but not read nor delete the log's
- two log file formats:
1. full session log per user and session
(stdin, stdout and stderr)
2. summary log, for all running sessions
(only timestamped stdin)
- and some more regarding how and where to keep the logs...
We choosed to work with C at the streams level to get wanted
results. It worked pretty well for the full logs, but somehow
I got stock with the summary logs. And here's the problem...
How do I get only the stdin (the commands the user is typing)
each one prependet with the user id and a timestamp when it was
executed from the pseudo-tty stream. The result should look
similar to this:
***
johnd Mon Aug 11 10:39:40 MEST 2003 cd /var/tmp
root Mon Aug 11 10:39:41 MEST 2003 less /etc/syslog.conf
johnd Mon Aug 11 10:39:44 MEST 2003 ls
robc Mon Aug 11 10:39:54 MEST 2003 pwd
miked Mon Aug 11 10:39:54 MEST 2003 op was4 stop
johnd Mon Aug 11 10:39:55 MEST 2003 id
johnd Mon Aug 11 10:39:57 MEST 2003 exit
***
I suppose I should duplicate stdin get is into cannonical
mode and process it line by line, generating a timestamp
and adding the user id. I would need some code examples
if possible.
By the way the logging mechanism is based on a named pipes
construct, that means in the case of the summary log obove
there's a named pipe to which the logger utility writes his
output. Another program will poll the other end of the pipe
for input, read it and write it to the logging facility.
I hope this was not too confusing, don't hesitate to ask
if something is unclear. Time is running out so I would
really apreciate some helpfull hint's as soon as possible.
manythx
Alex