The method of logging all user operations logs on time by login IP (with script)

Ps:linux user operations records are generally viewed through the command history, but if the important data is deleted because someone mistakenly manipulated it, this situation does not work. The following methods can be implemented by logging the login IP address and all users log on the operation of logging!

At the end of the/etc/profile configuration file to add the following script code can be implemented, the following script is my online search, the original author does not know. But the original script time variable has the error, cannot record the time, I test discovers and examines the revision:

ps1= "' WhoAmI ' @ ' hostname ':" ' [$PWD] ' historyuser_ip= ' who-u am I 2>/dev/null| awk ' {print $NF} ' |sed-e ' s/[()]//g "if [" $USER _ip "=" "]thenuser_ip= ' hostname ' FIIF [! -d/tmp/history]thenmkdir/tmp/historychmod 777/tmp/historyfiif [!-d/tmp/history/${logname}]thenmkdir/tmp/history/ ${logname}chmod 300/tmp/history/${logname}fiexport histsize=4096dt= ' date + '%y%m%d_%h%m%s ' ' Export HISTFILE= '/tmp/ HISTORY/${LOGNAME}/${USER_IP} history. $DT "Chmod 600/tmp/history/${logname}/*history* 2>/dev/null

From the above code can be seen in the system/TMP to create a new history directory (this directory can be customized), in the directory to record all the logged-in system of users and IP address, which is a way to monitor the system security.

The method of logging all user operations logs on time by login IP (with script)