HowtoForge

Registering Local Or Remote Commands With logsave

Registering Local Or Remote Commands With logsave

Author: Pedro Moura from AS2MWPC
http://wpc.com.br "GNU/LINUX and OpenBSD training"
Date: 11/08/2009

1) Subject

The general idea is to use the logsave to register commands and their outputs.

Initially we record local commands and then we use this technique to make a record (locally) about a remote session.

 

2) Environments

We test the logsave in Debian 5 and Ubuntu 9.04, in both this command belongs to the e2fsprogs package as we see below:

Debian Package 5: e2fsprogs Version: 1.41.3-1
9.04 Ubuntu Package: e2fsprogs Version: 1.41.4-1ubuntu1

 

3) Maintainer of the package e2fsprogs

Theodore Y. Ts'o (tytso@mit.edu) http://web.mit.edu/tytso/www/home.html

 

4) Use

logsave logfile command

 

5) Examples

5.1) Registering local commands

5.1.1) In the command below we write the current kernel version to the file "register.log":

logsave register.log uname -r

5.1.2) In the next example we add in the "register.log" information about the "hosts" file:

logsave -a register.log ls -l /etc/hosts

5.1.3) Reading the file "register.log" we have the results and the respectives dates of execution of commands:

cat register.log
Log of uname-r
Tue Aug 11 16:15:34 2009
2.6.28-13-generic
Tue Aug 11 16:15:34 2009
----------------
Log of ls -l /etc/hosts
Tue Aug 11 16:16:34 2009
-rw-r - r - 1 root root 293 2009-07-29 13:59 /etc/hosts
Tue Aug 11 16:16:34 2009
----------------

 

5.2) Registering remote sessions

5.2.1) With the following command we record in the "register5.log" file the current kernel version and the report file system disk space usage at 192.168.0.1 server:

logsave register5.log ssh root@192.168.0.1 "(uname-r; df-h)"

Now see the content of file:

cat register5.log
Log of ssh root@192.168.0.1 (uname-r; df-h)
Tue Aug 11 16:10:44 2009
2.6.26-2-686
Sist. Architect	 Tam 	Used	 Disp Use% Mounted on
/dev/sda1 	 19G 	4.1G	 14G  24% 	/
tmpfs 		951M 	   0 	951M   0% 	/lib/init/rw
udev 		 10M 	124k 	9.9M   2%	/dev
tmpfs 		951M 	   0 	951M   0% 	/dev/shm
Tue Aug 11 16:10:51 2009
----------------

5.2.2) Below to log locally all commands executed in the ssh session at 192.168.0.1 server, run the command:

logsave remote.log ssh wpc@192.168.0.1

After login run the commands:

echo hello 
uname -a
ip address show eth0 | grep inet

Make the logout and see the content of file:

cat remote.log
 Tue Aug 11 16:12:44 2009
----------------
Log of ssh wpc@192.168.0.1
Tue Aug 11 16:13:08 2009
as2mwpc.treinamento Linux 2.6.26-2-686 # 1 SMP Sun Jun 21 04:57:38 UTC 2009 i686
Last login: Thu Aug 7 14:37:03 2009 from 192168236149
wpc@wpc.com.br: ~ $ echo hello
Hello
wpc@wpc.com.br: ~ $ uname -a
as2mwpc.treinamento Linux 2.6.26-2-686 # 1 SMP Sun Jun 21 04:57:38 UTC 2009 i686 GNU / Linux
wpc@wpc.com.br: ~ $ ip address show eth0 | grep inet
     BRD 192.168.0.255 inet 192.168.0.1/24 scope global eth0
wpc@wpc.com.br: ~ $ exit
Logout
Connection to 192.168.0.1 closed.
Tue Aug 11 16:13:23 2009
----------------

Have fun!

 

References:

Pedro Moura - RHCE - LPIC - CLP - CLE - CNI
AS2MWPC - Training and Consulting in GNU/Linux / OpenBSD / FreeBSD
Training in Linux - Meet our courses in http://wpc.com.br
logsave (8) (manual)
http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1364174_mem1,00.html?track=NL-795&ad=719470&asrc=EM_NLN_8916233
http://www.cyberciti.biz/tips/howto-save-linux-unix-command-output-to-file.html

Registering Local Or Remote Commands With logsave