add auto fetch ssl certs
This commit is contained in:
@@ -13,7 +13,7 @@
|
||||
"articleSection" : "post",
|
||||
"name" : "[筆記] 紀錄所有下過的指令、時間 \/ Log All commands with timestamp",
|
||||
"headline" : "[筆記] 紀錄所有下過的指令、時間 \/ Log All commands with timestamp",
|
||||
"description" : "\x3cp\x3e今天發生一件有點詭異的事情,本來應該要經過某個指令才會產生的檔案\x3c\/p\x3e\n\n\x3cp\x3e居然不知為何自己產生了,在我記憶中沒有去執行過那個指令\x3c\/p\x3e\n\n\x3cp\x3e翻了一下 bash_history ,裡面也只有下過哪些指令,沒有紀錄時間,完全沒有參考價值(攤手)\x3c\/p\x3e\n\n\x3cp\x3e所以翻了一下網路,至少把這兩台主要跑ansible的機器的log功能補上紀錄所有指令以及時間的部份\x3c\/p\x3e",
|
||||
"description" : "\x3cp\x3e今天發生一件有點詭異的事情,本來應該要經過某個指令才會產生的檔案\x3c\/p\x3e\n\x3cp\x3e居然不知為何自己產生了,在我記憶中沒有去執行過那個指令\x3c\/p\x3e\n\x3cp\x3e翻了一下 bash_history ,裡面也只有下過哪些指令,沒有紀錄時間,完全沒有參考價值(攤手)\x3c\/p\x3e\n\x3cp\x3e所以翻了一下網路,至少把這兩台主要跑ansible的機器的log功能補上紀錄所有指令以及時間的部份\x3c\/p\x3e",
|
||||
"inLanguage" : "en",
|
||||
"author" : "Eric Chang",
|
||||
"creator" : "Eric Chang",
|
||||
@@ -45,9 +45,9 @@
|
||||
|
||||
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.3.1/css/all.css" integrity="sha384-mzrmE5qonljUremFsqc01SB46JvROS7bZs3IO2EmfFsd15uHvIt+Y8vEf7N7fWAU" crossorigin="anonymous">
|
||||
|
||||
<link href="https://h.cowbay.org/css/style.css?v=1626744134" rel="stylesheet" id="theme-stylesheet" type='text/css' media='all'>
|
||||
<link href="https://h.cowbay.org/css/style.css?v=1629951055" rel="stylesheet" id="theme-stylesheet" type='text/css' media='all'>
|
||||
|
||||
<link href="https://h.cowbay.org/css/custom.css?v=1626744134" rel="stylesheet" type='text/css' media='all'>
|
||||
<link href="https://h.cowbay.org/css/custom.css?v=1629951055" rel="stylesheet" type='text/css' media='all'>
|
||||
<link rel="shortcut icon" href="https://h.cowbay.org/img/favicon.ico" type="image/x-icon">
|
||||
<link rel="icon" href="https://h.cowbay.org/img/favicon.ico" type="image/x-icon">
|
||||
|
||||
@@ -81,10 +81,6 @@ if (!doNotTrack) {
|
||||
|
||||
<ul id="menu-secondary-items" class="menu-secondary-items">
|
||||
|
||||
<li class="menu-item menu-item-type-taxonomy menu-item-object-category">
|
||||
<a href="/categories/"></a>
|
||||
</li>
|
||||
|
||||
<li class="menu-item menu-item-type-taxonomy menu-item-object-category">
|
||||
<a href="/categories/ansible">ansible</a>
|
||||
</li>
|
||||
@@ -309,28 +305,17 @@ if (!doNotTrack) {
|
||||
<div class="entry-content">
|
||||
<article>
|
||||
<p>今天發生一件有點詭異的事情,本來應該要經過某個指令才會產生的檔案</p>
|
||||
|
||||
<p>居然不知為何自己產生了,在我記憶中沒有去執行過那個指令</p>
|
||||
|
||||
<p>翻了一下 bash_history ,裡面也只有下過哪些指令,沒有紀錄時間,完全沒有參考價值(攤手)</p>
|
||||
|
||||
<p>所以翻了一下網路,至少把這兩台主要跑ansible的機器的log功能補上紀錄所有指令以及時間的部份</p>
|
||||
|
||||
<p>參考這個網頁
|
||||
<img src="https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server" alt="https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server" /></p>
|
||||
|
||||
<img src="https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server" alt="https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server"></p>
|
||||
<p>我沒有打算要紀錄「所有」使用者的指令,只要看有權力執行重要指令的帳號就好</p>
|
||||
|
||||
<p>所以先用minion(管理用的帳戶)登入後</p>
|
||||
|
||||
<p>先編輯 ~/.bashrc
|
||||
加入</p>
|
||||
|
||||
<pre><code>export PROMPT_COMMAND='RETRN_VAL=$?;logger -p local6.debug "$(whoami) [$$]: $(history 1 | sed "s/^[ ]*[0-9]\+[ ]*//" ) [$RETRN_VAL]"'
|
||||
</code></pre>
|
||||
|
||||
<p>因為這邊用到syslog 的 local6,所以要跟著修改 syslog的設定</p>
|
||||
|
||||
</code></pre><p>因為這邊用到syslog 的 local6,所以要跟著修改 syslog的設定</p>
|
||||
<pre><code>sudo vim /etc/rsyslog.d/bash.conf
|
||||
|
||||
加入這行
|
||||
@@ -346,10 +331,7 @@ sudo vim /etc/logrotate.d/rsyslog
|
||||
然後重起 rsyslog
|
||||
|
||||
sudo service rsyslog restart
|
||||
</code></pre>
|
||||
|
||||
<p>用 minion 登出登入後,就可以看到所有指令都被完整的紀錄下來了</p>
|
||||
|
||||
</code></pre><p>用 minion 登出登入後,就可以看到所有指令都被完整的紀錄下來了</p>
|
||||
<pre><code>sudo cat /var/log/commands.log
|
||||
|
||||
2019-04-23 15:18:48 [minion@hqs010 ~]$ sudo cat /var/log/commands.log
|
||||
@@ -367,9 +349,7 @@ Apr 23 15:07:28 hqs010 minion: minion [30832]: ls .inxi/ [0]
|
||||
Apr 23 15:07:35 hqs010 minion: minion [30832]: clear [0]
|
||||
Apr 23 15:18:48 hqs010 minion: minion [30832]: ip addr [0]
|
||||
2019-04-23 15:18:55 [minion@hqs010 ~]$
|
||||
</code></pre>
|
||||
|
||||
<p>裡面應該會看到滿滿的 cd / ls / cat 吧 XD</p>
|
||||
</code></pre><p>裡面應該會看到滿滿的 cd / ls / cat 吧 XD</p>
|
||||
</article>
|
||||
</div>
|
||||
|
||||
@@ -644,7 +624,7 @@ title="pinterest icon"></i>
|
||||
|
||||
</ul> <div class="design-credit">
|
||||
|
||||
<p>© 2018 Göran Svensson</p>
|
||||
<p>© 2018 Göran Svensson</p>
|
||||
|
||||
<p>Nederburg Hugo Theme by <a href="https://appernetic.io">Appernetic</a>.</p>
|
||||
|
||||
@@ -656,7 +636,7 @@ title="pinterest icon"></i>
|
||||
</div>
|
||||
<script src="https://h.cowbay.org/js/jquery.min.js"></script>
|
||||
<script src="https://h.cowbay.org/js/jquerymigrate.js"></script>
|
||||
<script src="https://h.cowbay.org/js/production.min.js?v=1626744134"></script>
|
||||
<script src="https://h.cowbay.org/js/production.min.js?v=1629951055"></script>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
Reference in New Issue
Block a user