chchang
/
hugo_backup
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '754d4cbd7d'
${ noResults }
hugo_backup/public/post/log-all-bash-commands/index.html

464 lines
16 KiB
Raw Blame History Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

<!doctype html>
<html class="no-js" lang="tw">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="author" content="Eric Chang">
<meta name="description" content="Whats the Worst That Could Happen?">
<meta name="keywords" content="linux,blog,responsive,search,font awesome,pages,posts,multilingual,highlight.js,syntax highlighting,premium,shortcuts">
<meta content="" name="keywords">
<meta name="generator" content="Hugo 0.50" />
<title> [筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp | MCの飄狂山莊㊣</title>
<meta name="description" content="[筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp - Whats the Worst That Could Happen?">
<meta itemprop="name" content="[筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp">
<meta itemprop="description" content="[筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp - Whats the Worst That Could Happen?">
<meta property="og:title" content="[筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp">
<meta property="og:description" content="[筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp - Whats the Worst That Could Happen?">
<meta property="og:image" content="https://h.cowbay.org/images/post-default-11.jpg">
<meta property="og:url" content="https://h.cowbay.org/post/log-all-bash-commands/">
<meta property="og:site_name" content="MCの飄狂山莊㊣">
<meta property="og:type" content="article">
<link rel="icon" type="image/png" href="https://h.cowbay.org/favicon-32x32.png" sizes="32x32">
<link rel="icon" type="image/png" href="https://h.cowbay.org/favicon-16x16.png" sizes="16x16">
<link rel="stylesheet" href="https://h.cowbay.org/sass/combined.min.a89dfa577f701bffe9659f476ef61241cb2a3452b913e793463b0074a10c0a59.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
</head>
<body class="bilberry-hugo-theme">
<nav class="permanentTopNav">
<div class="container">
<ul class="topnav">
</ul>
<div id="search-box" class="search">
<i class="fa fa-search"></i>
<input id="search" type="text" placeholder="">
</div>
</div>
</nav>
<header>
<div class="container">
<div class="logo">
<a href="/" class="logo">
<img src="https://www.gravatar.com/avatar/e4eb1f8e016ffb73e9889f87d16e15f0?d=mm&size=200" alt="">
<span class="overlay"><i class="fa fa-home"></i></span>
</a>
</div>
<div class="titles">
<h3 class="title"><a href="/">MCの飄狂山莊㊣</a></h3>
<span class="subtitle">Whats the Worst That Could Happen?</span>
</div>
<div class="toggler permanentTopNav">
<i class="fa fa-bars" aria-hidden="true"></i>
</div>
</div>
</header>
<div class="main container">
<div class="article-wrapper u-cf single">
<a class="bubble" href="/post/log-all-bash-commands/">
<i class="fa fa-fw fa-pencil"></i>
</a>
<article class="default article">
<div class="featured-image">
<a href="/post/log-all-bash-commands/">
<img src="/images/post-default-11.jpg" alt="">
</a>
</div>
<div class="content">
<h3><a href="/post/log-all-bash-commands/">[筆記] 紀錄所有下過的指令、時間 / Log All commands with timestamp</a></h3>
<div class="meta">
<span class="date moment">2019-04-23</span>
<span class="categories">
<a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
</span>
<span class="author"><a href="/author/eric-chang">Eric Chang</a></span>
</div>
<p>今天發生一件有點詭異的事情,本來應該要經過某個指令才會產生的檔案</p>
<p>居然不知為何自己產生了,在我記憶中沒有去執行過那個指令</p>
<p>翻了一下 bash_history ,裡面也只有下過哪些指令,沒有紀錄時間,完全沒有參考價值(攤手)</p>
<p>所以翻了一下網路至少把這兩台主要跑ansible的機器的log功能補上紀錄所有指令以及時間的部份</p>
<p></p>
<p>參考這個網頁
<img src="https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server" alt="https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server" /></p>
<p>我沒有打算要紀錄「所有」使用者的指令,只要看有權力執行重要指令的帳號就好</p>
<p>所以先用minion(管理用的帳戶)登入後</p>
<p>先編輯 ~/.bashrc
加入</p>
<pre><code>export PROMPT_COMMAND='RETRN_VAL=$?;logger -p local6.debug &quot;$(whoami) [$$]: $(history 1 | sed &quot;s/^[ ]*[0-9]\+[ ]*//&quot; ) [$RETRN_VAL]&quot;'
</code></pre>
<p>因為這邊用到syslog 的 local6所以要跟著修改 syslog的設定</p>
<pre><code>sudo vim /etc/rsyslog.d/bash.conf
加入這行
local6.* /var/log/commands.log
接著設定讓/var/log/commands.log 也能夠自動輪替
sudo vim /etc/logrotate.d/rsyslog
在適當的位置 加入 /var/log/commands.log
然後重起 rsyslog
sudo service rsyslog restart
</code></pre>
<p>用 minion 登出登入後,就可以看到所有指令都被完整的紀錄下來了</p>
<pre><code>sudo cat /var/log/commands.log
2019-04-23 15:18:48 [minion@hqs010 ~]$ sudo cat /var/log/commands.log
Apr 23 15:06:51 hqs010 minion: minion [30832]: [0]
Apr 23 15:06:53 hqs010 minion: minion [30832]: ls -lart [0]
Apr 23 15:06:55 hqs010 minion: minion [30832]: ls -alrt /tmp/ [0]
Apr 23 15:06:58 hqs010 minion: minion [30832]: ls -lart /var/log/ [0]
Apr 23 15:07:07 hqs010 minion: minion [30832]: sudo cat /var/log/commands.log [0]
Apr 23 15:07:13 hqs010 minion: minion [30832]: ls -lart /tmp/ [0]
Apr 23 15:07:18 hqs010 minion: minion [30832]: cat /tmp/hqs010_inventory.txt [0]
Apr 23 15:07:22 hqs010 minion: minion [30832]: cd [0]
Apr 23 15:07:22 hqs010 minion: minion [30832]: ls [0]
Apr 23 15:07:24 hqs010 minion: minion [30832]: ls -lart [0]
Apr 23 15:07:28 hqs010 minion: minion [30832]: ls .inxi/ [0]
Apr 23 15:07:35 hqs010 minion: minion [30832]: clear [0]
Apr 23 15:18:48 hqs010 minion: minion [30832]: ip addr [0]
2019-04-23 15:18:55 [minion@hqs010 ~]$
</code></pre>
<p>裡面應該會看到滿滿的 cd / ls / cat 吧 XD</p>
</div>
<div class="footer">
<div class="tags">
<i class="fa fa-tags"></i>
<div class="links">
<a href="/tags/log">log</a>
</div>
</div>
</div>
</article>
</div>
<div id="disqus_thread"></div>
<script type="application/javascript">
var disqus_config = function () {
};
(function() {
if (["localhost", "127.0.0.1"].indexOf(window.location.hostname) != -1) {
document.getElementById('disqus_thread').innerHTML = 'Disqus comments not available by default when the website is previewed locally.';
return;
}
var d = document, s = d.createElement('script'); s.async = true;
s.src = '//' + "h-cowbay-org-1" + '.disqus.com/embed.js';
s.setAttribute('data-timestamp', +new Date());
(d.head || d.body).appendChild(s);
})();
</script>
<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
<a href="https://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>
</div>
<footer>
<div class="container">
<div class="recent-posts">
<strong></strong>
<ul>
<li>
<a href="/post/pgbarman-in-ubuntu-1804-postgresql-10-via-ssh/">[筆記] 在Ubuntu 18.04 下 透過 pgbarman rsync/ssh backup 備份 postgresql 10 / backup postgresql 10 with pgbarman via ssh/rsync in ubuntu 18.04</a>
</li>
<li>
<a href="/post/pgbarman-in-ubuntu-1804-postgresql-10/">[筆記] 在Ubuntu 18.04 下 透過 pgbarman streaming backup 備份 postgresql 10/ backup postgresql 10 with pgbarman straming backup in ubuntu 18.04</a>
</li>
<li>
<a href="/post/install-nvidia-driver-cuda-pgstrom-in-ubuntu-1804/">[筆記] 在ubuntu 18.04 下安裝nvidia 顯示卡驅動程式以及 pgstrom / Install Nvidia Driver Cuda Pgstrom in Ubuntu 1804</a>
</li>
<li>
<a href="/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/">[筆記] 在gcp 中用wireguard建立VPN時不要用 10.0.0.0/16 網段/Do No Use 10 0 0 0 Private Ipaddr in GCP</a>
</li>
<li>
<a href="/post/multiple-site-to-site-vpn-using-wireguard/">[筆記] 透過 wireguard 建立多點 site to site VPN / Multiple Site to Site VPN Using Wireguard</a>
</li>
<li>
<a href="/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/">[筆記] 在edgerouter上用wireguard 建立site to site VPN / Site to Site Vpn Using Wireguard in Two Edgerouters</a>
</li>
<li>
<a href="/post/another-way-to-keep-ansible-log/">[筆記] 為了保存log 用script 指令執行ansible / Another Way to Keep Ansible Log using script command</a>
</li>
</ul>
</div>
<div class="categories">
<a href="/categories/"><strong></strong></a>
<ul>
<li>
<a href="/categories/%E7%AD%86%E8%A8%98">筆記 (27)</a>
</li>
<li>
<a href="/categories/ansible">Ansible (3)</a>
</li>
<li>
<a href="/categories/linux">Linux (1)</a>
</li>
<li>
<a href="/categories/proxmox">Proxmox (1)</a>
</li>
<li>
<a href="/categories/ps">Ps (1)</a>
</li>
<li>
<a href="/categories/%E7%A2%8E%E5%BF%B5">碎念 (1)</a>
</li>
<li>
<a href="/categories/%E7%BE%A4%E6%9A%89">群暉 (1)</a>
</li>
</ul>
</div>
<div class="right">
<div class="external-profiles">
<strong></strong>
<a href="https://www.facebook.com/mariahchang" target="_blank"><i class="fa fa-facebook-adblock-proof"></i></a>
<a href="https://twitter.com/changchichung" target="_blank"><i class="fa fa-twitter-adblock-proof"></i></a>
<a href="https://github.com/changchichung" target="_blank"><i class="fa fa-github"></i></a>
<a href="https://www.yapee.tw/mvc/onlinePay/webLink?key=lMC74kucH21JChCR77-wJ80ZZ-Poh11amP24BwiDdHw" target="_blank"><img border="0" src="https://www.yapee.tw/mvc/file/publicFile?pathType=data/linkLogo/B0S0F0002585.jpg"></img></a>
</div>
</div>
</div>
</footer>
<div class="credits">
<div class="container">
<div class="copyright">
<a href="https://github.com/Lednerb" target="_blank">
&copy;
2017
by Lednerb
</a>
</div>
<div class="author">
<a href="https://www.yapee.tw/mvc/onlinePay/webLink?key=lMC74kucH21JChCR77-wJ80ZZ-Poh11amP24BwiDdHw" target="_blank">Bilberry Hugo Theme</a>
</div>
</div>
</div>
<script type="application/javascript">
var doNotTrack = false;
if (!doNotTrack) {
window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)};ga.l=+new Date;
ga('create', 'UA-138954876-1', 'auto');
ga('send', 'pageview');
}
</script>
<script async src='https://www.google-analytics.com/analytics.js'></script>
<script type="text/javascript" src="https://h.cowbay.org/js/externalDependencies.39c47e10e241eae2947b3fe21809c572.js" integrity="md5-OcR&#43;EOJB6uKUez/iGAnFcg=="></script>
<script type="text/javascript" src="https://h.cowbay.org/js/theme.ff50ae6dc1bfc220b23bf69dbb41b54e.js" integrity="md5-/1CubcG/wiCyO/adu0G1Tg=="></script>
<script>
$(".moment").each(function() {
$(this).text(
moment( $(this).text() )
.locale( "tw" )
.format('LL')
);
});
$(".footnote-return sup").html("");
</script>
<script>
var client = algoliasearch("2XL0P8XDCY", "4ef65b37b627bb886b46c34a10e63aa6");
var index = client.initIndex("h_cowbay_org");
$('#search').autocomplete({ hint: false, autoselect: true, debug: false },
[
{
source: $.fn.autocomplete.sources.hits(index, { hitsPerPage: 10 }),
displayKey: function(suggestion) {
return suggestion.title || suggestion.author
},
templates: {
suggestion: function(suggestion) {
return "<span class='entry " + suggestion.type + "'>"
+ "<span class='title'>" + suggestion.title + "</span>"
+ "<span class='fa fa-fw " + suggestion.iconClass + "'></span>"
+ "</span>"
;
},
empty: function() {
return "<span class='empty'></span>"
},
footer: function() {
return '<div class="branding">Powered by <img src="https:\/\/h.cowbay.org\/dist\/algolia-logo-light.svg" /></div>'
}
},
}
])
.on('autocomplete:selected', function(event, suggestion, dataset) {
window.location = (suggestion.url);
})
.keypress(function (event, suggestion) {
if (event.which == 13) {
window.location = (suggestion.url);
}
});
</script>
</body>
</html>
Reference in new issue View Git Blame Copy Permalink