- The ac command displays statistics about how long users have been logged on.
- The lastcomm command displays information about previous executed commands.
- The accton command turns process accounting on or off.
- The sa command summarizes information about previously executed commmands.
ls vivek pts/0 0.00 secs Mon Nov 13 23:43
rm vivek pts/0 0.00 secs Mon Nov 13 23:43
vi vivek pts/0 0.00 secs Mon Nov 13 23:43
ping S vivek pts/0 0.00 secs Mon Nov 13 23:42
ping S vivek pts/0 0.00 secs Mon Nov 13 23:42
ping S vivek pts/0 0.00 secs Mon Nov 13 23:42
cat vivek pts/0 0.00 secs Mon Nov 13 23:42
netstat vivek pts/0 0.07 secs Mon Nov 13 23:42
su S vivek pts/0 0.00 secs Mon Nov 13 23:38
- userhelper is command name of the process
- S and X are flags, as recorded by the system accounting routines. Following is the meaning of each flag:
- S -- command executed by super-user
- F -- command executed after a fork but without a following exec
- D -- command terminated with the generation of a core file
- X -- command was terminated with the signal SIGTERM
- vivek the name of the user who ran the process
- prts/0 terminal name
- 0.00 secs - time the process exited
Reference :
How to keep a detailed audit trail of what’s being done on your Linux systems
沒有留言:
張貼留言