hackingbutlegal · February 12, 2013 03:41
diff --git a/gistfile1.txt b/gistfile1.txt
 #!/bin/bash
 #
 # SCRIPT: log_keystrokes.bash
 #
 # PURPOSE: This shell script is used to monitor a login session by
 #          capturing all of the terminal data in a log file using
 #          the script command. This shell script name should be
 #          the last entry in the user's $HOME/.profile. The log file
 #          is both kept locally and e-mailed to a log file administrative
 #          user either locally or on a remote machine.
 #
 # set -n # Uncomment to check syntax without any execution 
 # set -x # Uncomment to debug this shell script
 #
 ############# DEFINE AUDIT LOG MANAGER ###################

 # This user receives all of the audit logs by e-mail. This
 # Log Manager can have a local or remote e-mail address. You
 # can add more than one e-mail address if you want by separating
 # each address with a space.

 LOG_MANAGER="logman"     # List to e-mail audit log

 ##########################################################
 ################ DEFINE FUNCTIONS HERE ###################
 ##########################################################

 cleanup_exit ()
 {
 # This function is executed on any type of exit except of course
 # a kill -9, which cannot be trapped. The script log file is
 # e-mailed either locally or remotely and the log file is 
 # compressed. The last "exit" is needed so the user does not
 # have the ability to get to the command line without logging.

 if [[ -s ${LOGDIR}/${LOGFILE} ]]
 then
    mailx -s "$TS - $LOGNAME Audit Report" $LOG_MANAGER \
        < ${LOGDIR}/${LOGFILE}
    compress ${LOGDIR}/${LOGFILE} 2>/dev/null 
 fi

 exit
 }

 # Set a trap

 trap 'cleanup_exit' 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 26

 ##########################################################
 ################ DEFINE VARIABLES HERE ###################
 ##########################################################

 TS=$(date +%m%d%y%H%M%S)           # File time stamp
 THISHOST=$(hostname|cut -f1-2 -d.) # Host name of this machine
 LOGDIR=/usr/local/logs/script      # Directory to hold the logs
 LOGFILE=${THISHOST}.${LOGNAME}.$TS # Creates the name of the log file
 touch $LOGDIR/$LOGFILE             # Creates the actual file
 set -o vi 2>/dev/null              # Previous commands recall

 # Set the command prompt
 export PS1="[$LOGNAME:$THISHOST]@"'$PWD> '

 #################### RUN IT HERE ##########################

 chmod 600 ${LOGDIR}/${LOGFILE}     # Change permission to RW for the owner

 script ${LOGDIR}/${LOGFILE}        # Start the script monitoring session

 chmod 400 ${LOGDIR}/${LOGFILE}     # Set permission to read-only for the owner

 cleanup_exit                       # Execute the cleanup and exit function
	#!/bin/bash
	#
	# SCRIPT: log_keystrokes.bash
	#
	# PURPOSE: This shell script is used to monitor a login session by
	# capturing all of the terminal data in a log file using
	# the script command. This shell script name should be
	# the last entry in the user's $HOME/.profile. The log file
	# is both kept locally and e-mailed to a log file administrative
	# user either locally or on a remote machine.
	#
	# set -n # Uncomment to check syntax without any execution
	# set -x # Uncomment to debug this shell script
	#
	############# DEFINE AUDIT LOG MANAGER ###################

	# This user receives all of the audit logs by e-mail. This
	# Log Manager can have a local or remote e-mail address. You
	# can add more than one e-mail address if you want by separating
	# each address with a space.

	LOG_MANAGER="logman" # List to e-mail audit log

	##########################################################
	################ DEFINE FUNCTIONS HERE ###################
	##########################################################

	cleanup_exit ()
	{
	# This function is executed on any type of exit except of course
	# a kill -9, which cannot be trapped. The script log file is
	# e-mailed either locally or remotely and the log file is
	# compressed. The last "exit" is needed so the user does not
	# have the ability to get to the command line without logging.

	if [[ -s ${LOGDIR}/${LOGFILE} ]]
	then
	mailx -s "$TS - $LOGNAME Audit Report" $LOG_MANAGER \
	< ${LOGDIR}/${LOGFILE}
	compress ${LOGDIR}/${LOGFILE} 2>/dev/null
	fi

	exit
	}

	# Set a trap

	trap 'cleanup_exit' 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 26

	##########################################################
	################ DEFINE VARIABLES HERE ###################
	##########################################################

	TS=$(date +%m%d%y%H%M%S) # File time stamp
	THISHOST=$(hostname\|cut -f1-2 -d.) # Host name of this machine
	LOGDIR=/usr/local/logs/script # Directory to hold the logs
	LOGFILE=${THISHOST}.${LOGNAME}.$TS # Creates the name of the log file
	touch $LOGDIR/$LOGFILE # Creates the actual file
	set -o vi 2>/dev/null # Previous commands recall

	# Set the command prompt
	export PS1="[$LOGNAME:$THISHOST]@"'$PWD> '

	#################### RUN IT HERE ##########################

	chmod 600 ${LOGDIR}/${LOGFILE} # Change permission to RW for the owner

	script ${LOGDIR}/${LOGFILE} # Start the script monitoring session

	chmod 400 ${LOGDIR}/${LOGFILE} # Set permission to read-only for the owner

	cleanup_exit # Execute the cleanup and exit function