Linux在history加上执行时间、用户和IP源等
2018-09-05 本文已影响0人
疯狂撸代码的奋青骚年
Linux在history加上执行时间、用户和IP源等
转:https://blog.csdn.net/xubo245/article/details/50497948
1.设置显示时间和用户:
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile
执行source生效:
source /etc/profile
查看结果:
history
1852 2016-01-11 16:24:52 xubo hs
1853 2016-01-11 16:24:53 xubo ls
1854 2016-01-11 16:24:56 xubo history
1855 2016-01-11 16:25:02 xubo history --help
1856 2016-01-11 16:26:35 xubo vi /etc/profile
1857 2016-01-11 16:27:27 xubo echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile
1858 2016-01-11 16:27:29 xubo vi /etc/profile
1859 2016-01-11 16:27:42 xubo source /etc/profile
1860 2016-01-11 16:27:46 xubo history
1861 2016-01-11 16:27:59 xubo ls
1862 2016-01-11 16:28:01 xubo history
1863 2016-01-11 16:31:00 xubo clear
1864 2016-01-11 16:31:02 xubo history
2.只看到自己的操作记录(时间,用户,ip名):
USER_IP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
export HISTTIMEFORMAT="[%F %T][`whoami`][${USER_IP}] "
执行source生效:
source /etc/profile
查看结果:
hadoop@Master:~$ history
1002 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] cd ../
1003 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] du -h --max-depth=1
1004 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] du -h --max-depth=2
1005 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] sudo find /* -name pokec-relationships
1006 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] sudo find /* -name pokec
1007 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] sudo find /* -name kddcup
1008 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] sudo find /* -name kddcup*
1009 [2016-01-11 16:47:37][hadoop][host-e-150.ustcsz.edu.cn] sudo find /* -name *kddcup*
3.将history记录到log:
#export HISTTIMEFORMAT="%F %T $USER_IP:`whoami` "
#export HISTTIMEFORMAT="%F %T $USER_IP:`whoami` "
USER_IP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
export HISTTIMEFORMAT="[%F %T][`whoami`][${USER_IP}] "
#history
LOGIP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
LOG_DIR=/var/log/history
if [ -z $LOGIP ]
then
LOGIP=`hostname`
fi
if [ ! -d $LOG_DIR ]
then
mkdir -p $LOG_DIR
chmod 777 $LOG_DIR
fi
if [ ! -d $LOG_DIR/${LOGNAME} ]
then
mkdir -p $LOG_DIR/${LOGNAME}
chmod 777 $LOG_DIR/${LOGNAME}
fi
export HISTSIZE=4096
LOGTM=`date +"%Y%m%d_%H%M%S"`
export HISTFILE="$LOG_DIR/${LOGNAME}/${LOGIP}-$LOGTM"
chmod 777 $LOG_DIR/${LOGNAME}/*-* 2>/dev/null
运行结果:
root@xubo:/media/xubo/My Passport/gene_data/1000genomes# ls /var/log/history/root/
host-e-150.ustcsz.edu.cn-20160111_171845 host-e-150.ustcsz.edu.cn-20160111_172719 host-e-213.ustcsz.edu.cn-20160111_202047
root@xubo:/media/xubo/My Passport/gene_data/1000genomes# vi /var/log/history/root/host-e-213.ustcsz.edu.cn-20160111_202047
#1452514808
ls root/
#1452514818
history
#1452514847
source /etc/profile
#1452514848
history
#1452514860
ls root/
#1452514861
ls
#1452514863
cd root/
#1452514864
ls
#1452514866
exit
~
~
~