Log entire system activity
Jeremiah Foster
jeremiah at easywebsite.se
Wed Dec 14 09:03:57 UTC 2005
On Tue, 2005-12-13 at 13:19 +0000, Sarangan Thuraisingham /
wrote:
> Is there any way to log the activity that is taking place in the system
> as a whole? I am talking about something other than kernel logs.
Not really sure what you mean by not kernel logs. If you mean not logged
by the kernel well there is very little that isn't logged by the kernel
since you have to ask the kernel for a new process, etc. If you mean a
log that is logging something other than user-space activity than yes
there are logs to do what you want.
>
> I guess I am a bit paranoid, but sometimes I want to know everything
> that is happening in my system. For example, I want logs for ssh
> activity, NFS or samba share activity, what process are using the
> network, etc
For sshd (i.e. server) messages, look in /var/log/auth.log There you
will also find sudo activity, and PAM activity along with nearly
anything else requiring a password on the system.
If you want a real-time display of processes try ps auxww or use the
program "top." top is continually updated in your terminal so you can
monitor every process in real time, as it happens. It also shows you
memory usage and process owner, etc.
> Is there anything like that at all?
There are many other facilities for monitoring the system, I have just
scratched the surface here. Look in /var/log and do man top and man ps.
Best regards,
Jeremiah
More information about the ubuntu-users
mailing list