Home > monitoring > Is it possible to log every access to disk/directory?

Is it possible to log every access to disk/directory?

July 11Hits:1
Advertisement

I need some script which will log (just output to the console or file) every access to some disk or directory (either works for me). I would also like to know what exactly (which subdirectory or file) was accessed. My system is ubuntu linux. Is it possible and how can I do it?

Answers

Take a look at inotify, that's pretty much exactly what it's built for. IBM have a half-decent introduction (though somewhat out of date) at http://www.ibm.com/developerworks/linux/library/l-inotify.html

If it's to monitor the actions of a single program strace with a simple filter script is what you want, more generally look at SElinux's "auditd".

http://en.wikipedia.org/wiki/Strace http://linux.die.net/man/8/auditd

On the windows side look at filemon from the SysInternals guys.

http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

You can use incron, which is a cron-like tool for filesystem events from inotify.

You can define an action to be executed everytime IN_ACCESS event occur.

Configuration is as easy as cron:

<path> <mask> <command>

Where:

  • <path> is a filesystem path (each whitespace must be prepended by a backslash)
  • <mask> is a symbolic (see inotify.h; use commas for separating symbols) or numeric mask for events
  • <command> is an application or script to run on the events

If you are really sure you want to see that large output then you can use auditd. But it may cause infinite loop if you want to print it to a file as any access to a file would mean printing about that to your log file. Printing to log file is also access to a file so it should get printed to log file too. So be careful.

Even if there is no infinite loop the amount of data this will print should be really large. If you change your question to what do you want to achieve with this monitoring may be people can suggest a better way then logging access to all files.

Related Articles

  • Is it possible to log every access to disk/directory?July 11

    I need some script which will log (just output to the console or file) every access to some disk or directory (either works for me). I would also like to know what exactly (which subdirectory or file) was accessed. My system is ubuntu linux. Is it po

  • How to disable apache logging when accessing certain directories?March 7

    How do I get apache to prevent http requests from being logged on a directory basis? I want to do something alike <IfModule mod_userdir.c> UserDir public_html <Directory /home/*/public_html/nolog> Options NoAccessLog </Directory> </If

  • Log LDAP access of the Active directoryOctober 20

    I am looking for a method to log ldap access of a Active Directory domain controller. I want to be able to log the username and source IP address access to both 389, and 636(encrypted). A simple packet capture would get me the source IP, but getting

  • AWStats: cannot access /var/log/apache2/access.logJanuary 14

    I installed awstats on my new Ubuntu Lucid server, but when cron tries to run it as user www-data, it complains that cannot access /var/log/apache2/access.log: Permission denied. In /usr/share/doc/awstats/README.Debian there's this paragraph: By defa

  • /var/log/squid/access.log is empty when I use proxy from remote computersJune 15

    I have configured squid to work as NAT using apt-get install squid iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --t

  • What is freebiespro.co.uk doing in my /var/log/apache2/access.log?June 3

    I am totally beginner in apache, but I've noticed that there is a line in my /var/log/apache2/access.log GET http://www.freebiespro.co.uk/getip.php HTTP/1.0 from a Chinese IP 222.215.230.175 I live in Europe. I've just started the server (in 15 minut

  • Apache other_vhosts_access.log and access.log log filesMarch 11

    Got a weird issue with the apache access logs. I am getting an entry for the site written to /var/log/apache2/access.log AND /var/log/apache2/other_vhosts/access.log I am using Debian 6, with the latest Apache in the repo. When I look at the file /et

  • Logging SSH access attemptsMay 1

    I've configured an ubuntu server with openssh in order to connect to it and execute commands from a remote system like a phone or a laptop. The problem is... I'm probably not the only one. Is there a way to know all the login attempts that have been

  • Moving SQL Server 2008 R2 Logs Causing Access Denied ErrorJuly 28

    I have just tried moving the log location for the SQL server 2008 R2 logs as I have a fairly small System disk due to the massive size of the Winsxs folder, and now I am getting the following error in the logs: initerrlog: Could not open error log fi

  • nginx logging to access.log.1 instead of access.log, logrotate failing?October 23

    I have an nginx instance that is set to log access to /var/log/nginx/access.log and errors to /var/log/nginx/errors.log, but as soon as logrotate runs each week, the file gets moves to *.log.1 and the new *.log file gets created, but nginx continues

  • PCI DSS - mask PAN and log individual access to PANNovember 13

    How do you re-conciliate two PCI DSS requirements in applications: 3.3 Mask PAN when displayed (the first six and last four digits are the maximum number of digits to be displayed), such that only personnel with a legitimate business need can see the

  • Where does Ubuntu 14.04 log SSH access attempts?June 25

    Trying to find out why fail2ban is not working. Where does Ubuntu 14.04 log SSH access attempts? --------------Solutions------------- All login attempts are logged to /var/log/auth.log Search for brute-force SSH logins Run this command: grep sshd.\*F

  • Is there a way to allow an apache2 logged in user to access a specific directory dynamically?December 22

    This is surprisingly a very difficult problem to solve. I want to allow my Linux users to login to Apache2 and have access to their own directory(ies) only. I've managed to get Linux users to authenticate to Apache2 using PAM and that works great. Ho

  • Fail2ban-regex filters not working in Nginx (returning Missed line(s): /var/log/nginx/access.log)February 16

    I've set up Fail2Ban on my Nginx Ubuntu 14.04 server following these instructions, which seem to have worked for most folks. When testing any of the filters that point to /var/log/nginx/access.log with fail2ban-regex however, I am getting no matches

  • Limiting ssh user account only to access his home directory!April 16

    By reading some tutorials online I used these commands: Make a local group: net localgroup CopsshUsers /ADD Deny access to this group at top level: cacls c:\ /c /e /t /d CopsshUsers Open access to the copSSH installation directory: cacls copssh-inst-

  • Can I link log files to my web directory var/www?September 25

    Can I link log files to my web directory var/www ? so I have var/www/logs And then remove reading permission to others in my unix link preferences ? By the way can I change links preferences ? --------------Solutions------------- Yes you can link to

  • IIS7 and Wordpress - Admin has no access to theme directoryDecember 17

    After updating my Wordpress site running on IIS7 to version 3.0.3 I tried updating the theme (LightWord) to the latest version. The theme auto upgrade feature failed so I logged into my server and tried to access the directory of the theme via the fi

  • samba share on windows 7 won't give me access to /var but gives me access to everyother directoryMay 19

    i have samba share set up to give me access to my linux box from my windows 7 machine, everything is fine, except i can't access the /var director for some reason through windows. however, i can access every other directory no problem I the error i g

  • Can I create an SSH user which can access only certain directory?June 18

    I have a Virtual Private Server which I can connect to using SSH with my root account, being able to execute any linux command and access all the disk area, obviously. I would like to create another user account, which would be able to access this se

  • Access permissions for directory in LinuxNovember 25

    I have a programm which creates log files in web-server directory (/var/www/log). Every day it generates one new log file. I've set access permissions for this directory to 777 chmod 777 -R /var/www/log But when system generates log file for new day,

Copyright (C) 2017 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.801 s.