tools for user logon tracking?
Jim Jarvie
ntl-linux at ntlworld.com
Wed Mar 28 10:57:25 GMT 2001
Kat,
I use the "root preexec" & "root postexec" options to run a small script
which copies the information I am interested in to a log file. The %M
etc macros are expanded to form the command parameters and the scripts
just use these to fill the log files. If you wanted to be really fancy,
you could make a small program which places the information into a
database (say PostgreSQL or MySQL to name but two).
These options can even be used on a per share basis; I use the profiles
share as my "logon" & "logoff" detection, but you can log each share this
way, so if you have a sensitive share, you could log access to record
when it is used [you would protect it with user, group or machine (or a
combination of them all) permissions, of course !]. I do this to prove
to my paranoid users their share is actually protected !
Regards
Jim
Hi,
Anyone know of a simple tool to take the smbd/nmbd logs and create some
sort of connection/usage chart/info? I want to be able to see when my
users are logging on and logging out... I know the info of course is in
the
logs, and could be gotten with grep/sed, but was wondering if someone has
already done something like this.
thanks
Kat
More information about the samba-ntdom
mailing list