HOW TO : Log all commands issued in shell to syslog

Inspired from this blog post by Vaidas Jablonskis.Β  This tip has been tested on Redhat and Centos distributions.

If you ever wanted to log all the commands issued by users on a server, you can edit the default profile configuration to enable this

  • Edit /etc/bashrc file and add the following at the end of the file[code]PROMPT_COMMAND=’history -a >(logger -t "$USER[$$] $SSH_CONNECTION")’ [/code]
  • Log out and log back into your session
  • Now all your commands are logged in the default log file (/var/log/messages)