.sh_history file

krishna · April 6, 2003, 11:58pm

Hi Friends,

We are currently 5 people using same Unix login-id on different terminals, .sh_history file contains list of commands typed by all 5 peoples(commands history) with the below list :

$tail .sh_history

ls -ltr
pwd
cd ..
ls -ltr
clear
cd temp
more kk.lst

Now my question is " Can I get the IP address of the terminal for each command in .sh_history file or is there any other to find out the ip address for each command typed ??? "

Appreciate for your early reply.

Thanks
Krishna

norsk_hedensk · April 7, 2003, 7:22am

i believe that there are command logging utilities out there, try a search on google. i dont think its possible with sh history to find out at which tty even the command was entered.

Perderabo · April 7, 2003, 9:02am

You really need to use one id per user. Then you know which user did which command. At that point, since you know the user's id, you should not need the user's ip address. But many unix systems do have some way to show the user's remote ip address at login time. This would often be kept in a file called wtmp (or wtmpx).

krishna · April 7, 2003, 10:06pm

Thanks for your reply, but the file wtmp (or wtmpx) is not in readable format !!! is there any alternative solution, but we strictly use the same login-id for 5 people(dept. login-id).

Perderabo · April 7, 2003, 10:35pm

You will have some programs that can display wtmp for you. I don't know which version of unix you are using, so I'm not sure what to recommend. But try this:

who -a /path/to/wtmp

Also you may have fwtmp, but it may in /usr/lib somewhere. Try "man fwtmp".

norsk_hedensk · April 7, 2003, 10:49pm

you may have the 'last' command which gives a sometimes brief, or long (depending on the system) list of logins including origin of login and date and time.

Kelam_Magnus · April 8, 2003, 11:13am

Add this to the .profile in question. It is what my company uses for those who have root access.

#############
# sets .sh_hist file to id of user
if [ "`tty`" = "/dev/console" ]
then
        REAL=console
else
        REAL=`logname`
fi

HISTFILE=$HOME/.sh_$REAL
export HISTFILE
HISTSIZE=1000; export HISTSIZE

i think that is all the code. Each time a different person logs in, this will create a .sh_user1 history file.

added code tags for readability --oombera

krishna · April 9, 2003, 11:11pm

Perderbo, I'm using Digital Unix Version 5.60 on Alpha Server. Tried with who -a /path/to/wtmp command but could n't any required info, please suggest.

regards,
Krishna

shauche · May 8, 2003, 4:54am

Try using the last command.

it displays the users logged in to the system.

Try "last username" if you know the username.

norsk_hedensk · May 8, 2003, 8:33am

as i understand it, you use the same id per 5 people so as to keep track of which department is logging in? well this is just a suggestiong, but maybe it would be easier to give them their own log in ids and then create a group that they are members of.