can guacamole record the commands used by the remote users for linux ?

["Oliver.Zhan" <zh...@hikvision.com>]

can guacamole record the commands used by the remote users for linux ?

like this :
1

exit

admin

centos-10.65.128.6

sysadmin

2018-06-19 18:05:42

2

sftp

admin

centos-10.65.128.6

sysadmin

2018-06-19 18:05:25

3

sudo -i

admin

centos-10.65.128.6

sysadmin

2018-06-19 18:04:09



简单     实用     优雅
---------------------
技术开发组 张建平（zhangjianping）
TEL：0571-88075998-69364
-----------------------------------------------------------------------------------------------
本邮件及其附件含有海康威视公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！
This e-mail and its attachments contain confidential information from HIKVISION, which is intended only for  the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other  than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it!


________________________________
CONFIDENTIALITY NOTICE:

This electronic message is intended to be viewed only by the individual or entity to whom it is addressed. It may contain information that is privileged, confidential and exempt from disclosure under applicable law. Any dissemination, distribution or copying of this communication is strictly prohibited without our prior permission. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, or if you have received this communication in error, please notify us immediately by return e-mail and delete the original message and any copies of it from your computer system. For further information about Hikvision company. please see our website at www.hikvision.com<http://www.hikvision.com>

Re: can guacamole record the commands used by the remote users for linux ?

[Nick Couchman <vn...@apache.org>]

On Mon, Jun 25, 2018 at 1:16 AM Oliver.Zhan <zh...@hikvision.com>
wrote:

> can guacamole record the commands used by the remote users for linux ?
>
>
>
> like this :
>
> 1
>
> exit
>
> admin
>
> centos-10.65.128.6
>
> sysadmin
>
> 2018-06-19 18:05:42
>
> 2
>
> sftp
>
> admin
>
> centos-10.65.128.6
>
> sysadmin
>
> 2018-06-19 18:05:25
>
> 3
>
> sudo -i
>
> admin
>
> centos-10.65.128.6
>
> sysadmin
>
> 2018-06-19 18:04:09
>
>
>


Guacamole can be configured to record the sessions, both graphically (for
RDP and VNC), and text-based (for Telnet and SSH), such that a history
could be retrieved.  Graphical sessions can also be run through the guaclog
binary, which can provide you with a log of mouse movements and
keystrokes.  However, there is no utility available today in the Guacamole
source code that would give you the output that you have above - you would
need to write your own utility to parse the recordings and then generate
the list from above.  It would be slightly challenging to do this in a
reliable way - you'd have to figure out how to determine when the user
enters a command (presses return, for example), and how to determine when
that particular keystroke is actually the execution of a command verses
responding to a prompt, etc.

I'll point out that, while Guacamole certainly has some components that
would give you the ability to make this happen, that's not its primary
role, and you'd probably be better off implementing something at the O/S
level to tell you this and using that information rather than trying to get
Guacamole to do this for you.  For example, the auditd framework available
in most Linux distributions can detect and log execution events.  Usually
that's done via syslog, so you can take that log output and send it to a
file, or to a central syslog server, or perhaps even a ELK stack, and get
the sort of succinct graphical representation you're looking for.

-Nick