Networking, Programming and Graphics - Tutorials

Configure better and rich command history log

Type: Code
Level: Beginner
Date: 2009-Oct-16
Visited: 544 times
Published: Stephen Think

In this tutorial I will show you how to produce a more detailed command log than the default bash history provides.

First of all, I want to explain that the purpose of such a log is generally to be used in multi-user and multi-access environments. There is generally no need to configure this on your home Linux system that is used only by you, nor do you need it on your laptop. I have personally used this method on client servers where the client has full root access. By client I mean a company, and that usually means a dozen people with access to the server. I just want to keep track of who did what, at what time, from which IP and in which directory.

That is pretty much all you need to know. Here is an example of what the log file looks like:
cd /usr/local/ ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 / -> /usr/local
ls ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 /usr/local
pwd ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 /usr/local
vi /root/.bash_history  ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 /usr/local
vi /root/.bash_profile  ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:54 /usr/local 
Note: We have to warn you that having such a log is usually a security problem. The log file has to be writable by everybody, so if you do something you want to hide from everybody, maybe you should think about the security model first. This, however, is not the purpose of this tutorial, so I will leave it up to you.

With this in mind, we can proceed to the essentials. For our needs we use the hcmnt script created by Dennis Williamson. You can also get the file from here.

Here are the general commands to run to get things going:
wget http://www.onlinehowto.net/tuts_files/hcmnt.txt
cp hcmnt.txt /usr/local/bin/hcmnt
chmod 755 /usr/local/bin/hcmnt
mkdir /var/log/audit
chmod 777 /var/log/audit
Next, add the following 3 lines to /etc/bashrc. After that, log out and log back in. The script will write a daily log in /var/log/audit.
source /usr/local/bin/hcmnt
export hcmntextra='date "+%Y%m%d %R"'
export PROMPT_COMMAND='hcmnt -eity' 
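
To review who did what from the resulting log, the entries can be parsed into fields. The following is an added example, not part of the original tutorial or of the hcmnt script. The field layout is assumed from the sample lines shown earlier, the last two sample lines are constructed, and the watch list of audit-related paths is a hypothetical choice.

```python
import re
from datetime import datetime

# Constructed sample: the five lines shown on the page plus two constructed ones.
SAMPLE = """\
cd /usr/local/ ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 / -> /usr/local
ls ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 /usr/local
pwd ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 /usr/local
vi /root/.bash_history  ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:47 /usr/local
vi /root/.bash_profile  ### /dev/pts/4 (taco.onlinehowto.net) 20090918 13:54 /usr/local
echo a ### b ### /dev/pts/5 (constructed.example) 20090918 14:02 /tmp
not a log line
"""

# Suffix layout assumed from the sample: tty (host) YYYYMMDD HH:MM cwd [-> new cwd]
SUFFIX = re.compile(
    r"^(?P<tty>\S+) \((?P<host>[^)]*)\) (?P<ts>\d{8} \d{2}:\d{2}) (?P<cwd>.*)$")

# Hypothetical watch list: files that define or hold the audit trail itself.
WATCH = re.compile(r"\.bash_history|\.bash_profile|/etc/bashrc|/var/log/audit|hcmnt")

def parse_line(line):
    """Return a dict for one log line, or None if it does not fit the layout."""
    # Split on the LAST ' ### ': the logged suffix is appended at the end, so a
    # '###' typed inside the command itself stays part of the command.
    cmd, sep, suffix = line.rstrip("\n").rpartition(" ### ")
    m = SUFFIX.match(suffix.strip()) if sep else None
    if not m:
        return None
    old, arrow, new = m["cwd"].partition(" -> ")  # only cd lines carry ' -> '
    return {"command": cmd.strip(), "tty": m["tty"], "host": m["host"],
            "time": datetime.strptime(m["ts"], "%Y%m%d %H:%M"),
            "cwd": old, "new_cwd": new if arrow else None}

def parse_log(text):
    """Split a log into parsed records and raw lines that did not parse."""
    records, rejected = [], []
    for line in text.splitlines():
        rec = parse_line(line)
        (records if rec else rejected).append(rec or line)
    return records, rejected

def touches_audit_trail(records):
    """Records whose command mentions a watched path."""
    return [r for r in records if WATCH.search(r["command"])]

if __name__ == "__main__":
    recs, bad = parse_log(SAMPLE)
    for r in touches_audit_trail(recs):
        print(r["time"], r["host"], r["tty"], r["command"])
    print(len(bad), "unparseable line(s)")
```

Because the log is writable by everybody, as the note above says, treat parsed entries as untrusted input: any user with access can add, change or remove lines.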