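Summary of Linux Terminal Session Recording Tools

Terminal session recording

What are script and scriptreplay?

script and scriptreplay are two Linux commands. script makes a record of everything printed to the terminal, which is useful for anyone who wants a faithful record of a terminal session. The record can be saved and later played back with scriptreplay.

How is script used?

Environment

client -> server
192.168.200.108 -> 192.168.200.109

The script command is deployed on the server so that every operation performed by users who log in to the server is recorded.

Test procedure

Add the script configuration on the server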

# cat >>/etc/profile<<EOF
/usr/bin/script -q -t 2> test.time -a test.out
EOF
# source /etc/profile

For the meaning of the options and other help information, run script -h

Log in from the client and run some test operations

[root@linux-node8 ~]# ssh 192.168.200.109
The authenticity of host '192.168.200.109 (192.168.200.109)' can't be established.
ECDSA key fingerprint is 2a:d8:e2:3a:ff:a5:58:a2:bd:95:4f:24:c2:6c:5f:ef.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.200.109' (ECDSA) to the list of known hosts.
root@192.168.200.109's password:
Last login: Tue Jan 30 02:39:08 2018 from 192.168.200.109
[root@linux-node9 ~]# ls -l
total 12
-rw-------. 1 root root 1086 Feb 26 2017 anaconda-ks.cfg
-rw-r--r-- 1 root root 941 Jan 29 22:04 output.session
drwxr-xr-x 7 root root 4096 Jan 30 01:54 sails_ng2
-rw-r--r-- 1 root root 0 Jan 30 02:42 test.out
-rw-r--r-- 1 root root 0 Jan 30 02:42 test.time
[root@linux-node9 ~]# cd /tmp/
[root@linux-node9 tmp]# ls -l
total 12
-rw-r--r-- 1 root root 5091 Jan 29 22:08 1.sh
drwxr-xr-x 3 root root 31 Jan 30 01:23 npm-19339-7b8a1a00
drwxr-xr-x 3 root root 36 Jan 30 01:25 npm-19365-808458ee
drwxr-xr-x 3 root root 36 Jan 30 01:26 npm-19423-03b73ac5
drwxr-xr-x 3 root root 36 Jan 30 01:27 npm-19441-10c6e4bd
drwxr-xr-x 3 root root 36 Jan 30 01:27 npm-19459-6f963331
drwxr-xr-x 3 root root 36 Jan 30 01:28 npm-19500-8de291f9
drwxr-xr-x 3 root root 36 Jan 30 01:45 npm-19518-b7afde47
drwxr-xr-x 3 root root 36 Jan 30 01:48 npm-19594-537e65dd
-rw-r--r-- 1 root root 80 Jan 29 22:08 typescript
[root@linux-node9 tmp]# hostname
linux-node9.example.com
[root@linux-node9 tmp]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.56.109 netmask 255.255.255.0 broadcast 192.168.56.255
inet6 fe80::20c:29ff:fe38:e059 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:38:e0:59 txqueuelen 1000 (Ethernet)
RX packets 98894 bytes 118438142 (112.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 57671 bytes 4863082 (4.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.200.109 netmask 255.255.255.0 broadcast 192.168.200.255
inet6 fe80::20c:29ff:fe38:e063 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:38:e0:63 txqueuelen 1000 (Ethernet)
RX packets 10833 bytes 986958 (963.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14042 bytes 3870841 (3.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 296 bytes 45994 (44.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 296 bytes 45994 (44.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@linux-node9 tmp]# exit
[root@linux-node9 ~]# logout
Connection to 192.168.200.109 closed.

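How is scriptreplay used?

After the test, the record files are generated in the user's home directory on 192.168.200.109. We then replay them with scriptreplay to review what the user did.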

# /usr/bin/scriptreplay -t test.time test.out
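
For audit review it helps to confirm that test.time and test.out still describe the same session before replaying them: `2> test.time` truncates the timing file at every login, while `-a` keeps appending to test.out. The following is an added example, not code from the original article, that pairs the two files into a timeline and reports output the timing file does not cover. It assumes the classic two-column timing format and a one-line "Script started" header at the top of the typescript; the sample data is constructed.

```python
# Added example: pair a script(1) typescript with its timing file for audit review.
# Assumption: classic timing format ("<delay> <nbytes>" per line) and a one-line
# "Script started ..." header at the top of the typescript, which replay skips.

def parse_timing(text):
    """Return [(delay_seconds, byte_count)] from the timing file text."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 2:
            raise ValueError(f"timing line {lineno}: expected '<delay> <nbytes>'")
        entries.append((float(fields[0]), int(fields[1])))
    return entries


def timeline(typescript, timing_text):
    """Return ([(seconds_since_start, chunk)], unaccounted_bytes)."""
    body = typescript[typescript.find(b"\n") + 1:]  # drop the header line
    clock, pos, chunks = 0.0, 0, []
    for delay, nbytes in parse_timing(timing_text):
        if pos + nbytes > len(body):
            raise ValueError("timing file describes more output than the typescript holds")
        clock += delay
        chunks.append((round(clock, 3), body[pos:pos + nbytes]))
        pos += nbytes
    return chunks, len(body) - pos


# Constructed sample data (not taken from the article's test.out / test.time).
SAMPLE_OUT = (b"Script started on Tue Jan 30 02:42:00 2018\n"
              b"# hostname\r\nlinux-node9.example.com\r\n# ")
SAMPLE_TIME = "0.500000 2\n1.250000 10\n0.010000 27\n"

if __name__ == "__main__":
    chunks, leftover = timeline(SAMPLE_OUT, SAMPLE_TIME)
    for at, data in chunks:
        print(f"+{at:8.3f}s {data!r}")
    # A non-zero remainder means the two files no longer describe the same session.
    print("unaccounted bytes:", leftover)
```

A non-zero remainder or a ValueError indicates the pair should not be trusted for replay; writing each session to its own pair of files avoids the mismatch.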

Use cases

1. Deploy it on a jump host to record and audit user activity
2. Broadcast your own terminal operations to multiple users

Author: dongsheng
Article URL: https://mds1455975151.github.io/archives/efc9beb8.html
Copyright notice: please credit the source when reposting!