Linux record shell scripts using commands

There is a very important command in Linux that can help us record the commands we have used. It is useful for troubleshooting or intrusion detection in the future. This article organizes the configuration into a script and runs the script directly to take effect.

#! /Bin/bash
/Bin/cp/etc/bashrc. 'Date + "% Y-% m-% d-% s "'
Sed-I '/timestamp_history/, + 10d'/etc/profile
Grep "HISTTIMEFORMAT"/etc/profile>/dev/null | echo "export HISTTIMEFORMAT = '% F % t'">/etc/profile
Sed-I '/timestamp_history/, + 10d'/etc/bashrc
 
/Bin/cat>/etc/bashrc <EOF
Timestamp_history (){
Export infodate = \ 'date "+ % c" \ '# Record Time
Export infohis = \ 'History 1 | cut-c 8-\ '# record the running command
Export user_ip = \ 'who-u am I 2>/dev/null | awk '{print \ $ NF}' | sed-e's/[()] // g' \ '# record the user ip address
Export user = \ 'who-u am I 2>/dev/null | awk '{print \ $1}' \ '# record user
Echo \ $ infodate "=>" \ $ user_ip "=>" \ $ user "=>" \ $ infohis>/var/log/. history-timestamp
}
Export PROMPT_COMMAND = timestamp_history
Export HISTTIMEFORMAT = "\ 'whoami \'"
Export HISTCONTROL = ignoreboth
EOF
 
# Backup once a month
Echo '/bin/mv/var/log /. history-timestamp/var/log /. history-timestamp. 'date + "% Y-% m-% d-% s "'
Touch/var/log/. history-timestamp
Chmod 0772/var/log/. history-timestamp '>/etc/cron. monthly/backup_history
/Bin/chmod 755/etc/cron. monthly/backup_history
The following figure shows the date format after running:

A good script can be placed on a web, and other machines can directly obtain the installation through commands.

Wget-O-http: // ip/setHis. sh | sh; source/etc/bashrc