OCI: How To Audit User Activities in sudo su – session — Cloud Customer Connect
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register
Note!! Please register for a free account to access the full content and also to participate in Q&A in the community

OCI: How To Audit User Activities in sudo su – session

APPLIES TO
Oracle Cloud Infrastructure - Version N/A and later
Information in this document applies to any platform.

GOAL
This document describes how to record command line activities for non-root users when granted sudo privileges to switch to opc and root users to perform admin task in OCI instances

SOLUTION

Edit /etc/sudoers file by using command: visudo and add the entry below

Step 1: Define the path for I/O log directory

Defaults iolog_dir=/backup/SUDO_IO_LOG

Step 2: Enable logging for all users

Defaults log_output
Defaults log_input

Step 3: Instead if you want to enable sudo logging for all users in a particular group

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!