Session recording

[Mark Komarinski]

This may be beating a dead horse and may not be what you're looking for, 
but I got some information today you may want.

On 03/28/2008 09:48 PM, Kenny Lussier wrote:
> All,
>
> I am looking for a way to record terminal sessions on Linux systems
> (usually people logging into boxes via ssh). Basically, I need to log
> everything from the time a user logs in to the time they log out,
> including all commands, output of commands, etc. The output isn't
> essential, but it would be good to have. Preferably something that
> logs it all to syslog so it can be shipped off to a remote logging
> server, but anything that logs in plain text will do. Using script
> isn't an option because it logs all of the control characters, and
> sudosh doesn't work because it logs in a binary format.
>
> Has anyone used any of the kernel keystroke loggers? Can someone
> comment on anything that they have used and why it is better/worse
> then anything else? Commercial products are also an option, if anyone
> knows of anything.
>   

We use a product called Centrify DirectControl 
(http://www.centrify.com/) to allow the 400-ish users of our cluster to 
authenticate off AD.  They have another product called DirectAudit that 
is supposed to be able to record an entire session and allow you to play 
it back later - they make the claim "Tivo for UNIX".  It's geared for 
HIPPA/SOX compliance, so it may meet your needs.

It's a commercial app, and if it's anything like DirectControl, it's not 
cheap.  In our case, it was worth the money (and still is) to not have 
to worry about authentication.

I have more links to the product and contact info for the people in this 
area if you're interested.

-Mark