On 09/11/2018 04:52 AM, Stefan G. Weichinger wrote:
Is there a recommended way to track the logs? Specific setup for
syslog-ng or in my case journald?
Tracking log files is different than getting things into log files.
By default, shell history is decidedly excluded from system logs.
There are some hacks (that's a generous term) that can (usually) log
shell history.
Maybe I should setup remote syslog here?
Remote syslog does have the added advantage of not being on the local
system that an administrator (presumably) has a full access to.
There is a big difference in logging where an administrator can modify
said logs verses where they can't. On box is the former, off box is the
latter.
--
Grant. . . .
unix || die
