Thank you for your reply. I understand what you concern . In our enviroment we consider it as an import audit function which send those command history to remote SIEM directly.
孙会林 中国银联信息总中心 地 址:上海市浦东新区顾唐路1699号 邮 编:201201 电 话:021-38929999-6607 From: Chet Ramey Date: 2018-07-17 23:02 To: sunhui...@unionpay.com; bug-bash CC: chet.ramey Subject: Re: About bash_syslog_histrory Function! On 7/17/18 4:03 AM, sunhui...@unionpay.com wrote: > Hi: > I found the orginal bash_syslog_history has three flaws: > 1、 Ingore the texts that length exceed SYSLOG_MAXLEN,however in our > environment ,we have a lot of db2 command line which exceed SYSLOG_MAXLEN; > 2、only get PID and UID, lack some import information such as tty,orginal > host ,user info ... > 3、only by compile with SYSLOG_HISTORY=1 ,which is not default. Is there > any possible that by active it by default or where env parameter > BASH_SYSLOG_HISTORY is set to on ? > > would you please consider improve about it ? I will look at your line continuation code, but I am not interested in making something I consider an invasion of privacy enabled by default. -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, UTech, CWRU c...@case.edu http://tiswww.cwru.edu/~chet/
