在/etc/profile文件里添加:
export HISTSIZE=50000
export HISTORY_FILE=/var/log/CommandHistory.log
export PROMPT_COMMAND='{ thisHistID=`history 1|awk "{print \\$1}"`;lastCommand=`history 1| awk "{\\$1=\"\" ;print}"`;user=`id -un`;whoStr=(`who -u am i`);realUser=${whoStr[0]};logMonth=${whoStr[2]};logDay=${whoStr[3]};pid=${whoStr[5]};ip=${whoStr[6]};if [ ${thisHistID}x != ${lastHistID}x ];then echo -E `date "+%Y/%m/%d %H:%M:%S"` $user\($realUser\)@$ip[Pid:$pid][LoginTime:$logMonth $logDay] ExecuteCommand: $lastCommand;fi; } >> $HISTORY_FILE'设置普通用户写日志权限:
# chmod 777 /var/log/CommandHistory.log
定期清理脚本:
#!/bin/bash
dt=`date +"%Y%m%d%H%M"`
find /var/log/ -name "CommandHistory*.log" -mtime +15 -exec rm -f {} \;
cat /var/log/CommandHistory.log >/var/log/CommandHistory$dt.log
>/var/log/CommandHistory.log
crontab设置每天执行一次,清理15天前的命令记录,备份前一天的命令记录
参考:
扫一扫
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
