Tools to monitor users activity on Linux/Unix servers

Question

Is there any specific open source tool which can be used to monitor what users are doing on linux system. I have multiple servers and with access to some users on them. I want to monitor which user ran which commands at what time. I want it to be monitored from Centralized server. I know about tripwire,sysstat. But those are not full filling my requirements.

Please suggest.

Thanks Ramesh

score 1 · Answer 1 · edited Apr 13 '17 at 12:13

1

Linux comes with the auditd system. It allows the monitoring of what you require. Look at this question.

And like iscsi said, you could set up log forwarding to your central server.

edited Apr 13 '17 at 12:13

Community

1

answered Dec 26 '10 at 13:32

Allen

1,315
7
12

score 1 · Accepted Answer · answered Dec 27 '10 at 04:41

1

Check OSSEC,

It can do file integrity checks, besides it can monitor syslog/audit.log and forward it to centralize OSSEC server, and if you write correct rules even notify you when user runs something wrong. (or block this user/ip)

answered Dec 27 '10 at 04:41

Vitaly Nikolaev

386
1
6

can we track from which ip which user is connected and what he has done ? – kapil das Feb 26 '14 at 15:22

score 0 · Answer 3 · answered Dec 26 '10 at 10:51

0

Just setup audit log forwarding.

answered Dec 26 '10 at 10:51

iscsi

56
3

Tools to monitor users activity on Linux/Unix servers

3 Answers3