OCI: How To Audit User Activities in sudo su – session
APPLIES TO
Oracle Cloud Infrastructure - Version N/A and later
Information in this document applies to any platform.
GOAL
This document describes how to record command line activities for non-root users when granted sudo privileges to switch to opc and root users to perform admin task in OCI instances
SOLUTION
Edit /etc/sudoers
file by using command: visudo
and add the entry below
Step 1: Define the path for I/O log directory
Defaults iolog_dir=/backup/SUDO_IO_LOG
Step 2: Enable logging for all users
Defaults log_output Defaults log_input
Step 3: Instead if you want to enable sudo logging for all users in a particular group