on 08-04-2017 11:21 PM
Hi All,
Recently we have issue like in /usr/sap/trans folder all files/folders permissons are changed from prod SID to Non prd SID. so, for this how to How to Know the which user run which command in Linux server to change this permission?
it means which user/terminal server, date and time?
it is very helpful to find out the root-cause
Regards,
Basis
There are quite a few options for user activity tracing in Linux, but one I like is the auditd daemon. For Red Hat Enterprise Linux you can find the documentation here:
Best regards
Frank
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.