Remotely executed commands

ssh

Solution 1:

If what you need is actually an audit log then the bash history is not at all suitable anyway as that is removable/editable by the same user. (The bash history is essentially recorded for the benefit of that user so that they can reuse previous commands, etc.)

To get proper audit logging you would hook into the kernel with audit (on Linux, the same general idea would apply otherwise) and have it record the system events (command execution, file access, ...) that are relevant to your needs and store this log in a secure location (preferable on a different system entirely so that the audit logs are not lost in case of a compromised system).

Related

running a docker container on upstart on Amazon Linux isn't working
How to configure bind for a private subdomain?
Why is cron running twice?
How to improve a Java build server's performance?
How can I use Exim4 to forward email for root to another email address?
Windows Authentication KRB5KRB_AP_ERR_MODIFIED
Running an IPsec client VPN server within Azure
Why is my server displaying openssl 0.9.8 when I have openssl1.0.1 installed?
Spamassassin DKIM DNS issue
Postfix sending and receiving in strange way.
Hosting 2 versions of the same Java website in tomact
ipmi on a supermicro mothercard