Re: [CentOS] Using typescript as a default shell?

On Mon, Dec 07, 2015 at 11:40:08AM -0800, Benjamin Smith wrote:

We'd like to have an auditable history of what happened on production servers, kept for a period of time. (perhaps a week?) It's a very busy production environment, but the only shell-level access to the systems are administrative, but having a history of activity as well as the output would have been highly valuable this morning to verify that a mistake that might have been made was. (or wasn't!)

You can use auditd to do this, but it won't capture the output, just the command and its exit code.

To go along with the zsh suggestion, I believe that you can compile ksh93 to include auditing, but it's not enabled on any of my systems.