Need some help in coming up to log all the activity that is used with our common "unix account".
Ideally I am looking for to log the activity in a "separate" file for each session or login until the user logout, I would like to capture the date/time and terminal login and record all the commands until the user logout.
Please help.
Thanks
Auditing has OS-specific components - what UNIX? What shell do you use?
wtmpx is a database ( a file really) that tracks when and from where a user account logs in, when the process logs out. Also check out the script command.
I should mentioned this, I am in Solaris 10 & bash
In most shells, and, of course, bash, you have the history file that collects the commands a user puts in. It may become difficult to separate the files if different remote users login to the same account; you may need to apply some tricks to create and keep separate history files.