PSJoshi/log-shell-commands.md

Created March 24, 2022 12:09

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/PSJoshi/2437e74790a2a7b3b833313b51bab557.js"></script>
Save PSJoshi/2437e74790a2a7b3b833313b51bab557 to your computer and use it in GitHub Desktop.

Download ZIP

Log every shell command in linux

Raw

log-shell-commands.md

Log every shell command in linux

Using Bash shell option Add ‘shopt -s syslog_history‘ into system-wide startup /etc/profile or personal initialization file - ~/.bash_profile
```
  [root@joshi ~]# cat /etc/profile | grep shopt
  shopt -s syslog_history
```

Using rsyslog service

Create a new rsyslog configuration file, and define the log file path. For example: /var/log/shell-commands.log.
```
# vi /etc/rsyslog.d/bash.conf
  local6.* /var/log/shell-commands.log
```

Edit the user’s ~/bashrc and add the following code:

# vi ~/.bashrc
whoami="$(whoami)@$(echo $SSH_CONNECTION | awk '{print $1}')"
export PROMPT_COMMAND='RETRN_VAL=$?;logger -p local6.debug "$whoami [$$]: $(history 1 | sed "s/^[ ]*[0-9]\+[ ]*//" ) [$RETRN_VAL]"'

Restart rsyslog service
```
# systemctl restart rsyslog
```

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment