Tag Archives: syslog

How to log bash history with syslog

There are two methods to get this thing done.

1. Trap method - drop the following snippet into either the per-user or system-wide bash profile (~/.bash_profile or /etc/profile, respectively)

unset HISTSIZE HISTFILESIZE
export HISTTIMEFORMAT='%F %T'
function log2syslog
{
   declare COMMAND
   COMMAND=$(fc -ln -0)
   logger -p local1.notice -t bash -i -- "${USER}:${COMMAND}"
}
trap log2syslog DEBUG

2. Prompt Method - this method logs by hacking the prompt command to call history and write to syslog.

PROMPT_COMMAND='history -a >(tee -a ~/.bash_history | logger -t "$USER[$$] $SSH_CONNECTION")'