Log sudo history

Posted: Thu Jan 12, 2023 4:56 am
by stsysadm
Good Morning,

I need your help to solve a problem.
Is it possible to configure Nagios LS to accept sudo history?
I tried to configure it to accept local1 (configured by default in /etc/sudoers), but once I've elevated my user to root, I can't rebuild the commands I run from Nagios Log Server.

Thanks to anyone who can help me.

Re: Log sudo history

Posted: Wed Nov 08, 2023 12:21 pm
by bbahn
Hello stsysadm,

To configure Nagios Log Server to accept sudo history, you will first need to set up logging of sudo commands.
  1. You seem to have already set up sudo logging, such as with the following in your sudoers file:

    Defaults logfile="/var/log/sudo.log"
    Defaults syslog=local1
    
    and updated the rsyslog to add something like the following:

    local1.*                            /var/log/sudo.log
  2. Next, you need to add this logging to your NLS server. You can do this using:

    curl -sS -O http://nls_ip_address/nagioslogserver/scripts/setup-linux.sh
    sudo bash setup-linux.sh -s log_source_ip -p nls_port -f "/var/log/sudo.log" -t FILE_TAG
    
If this doesn't solve your issue, please elaborate on what specifically your issues are.
Thank you.
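
Added example, not part of either forum post and not Nagios code: sudo records only the command it launches itself, so a record such as `COMMAND=/bin/bash` or `COMMAND=/usr/bin/su -` marks the point after which commands typed in the resulting root shell no longer appear in `/var/log/sudo.log`. The sketch below parses syslog-format sudo lines (as rsyslog would write them for `local1`) and lists those shell elevations; the sample lines, host names and function names are constructed for illustration.

```python
import os
import re

# Syslog tag written by sudo; the remainder is "KEY=value ; ... ; COMMAND=..."
HEAD_RE = re.compile(r"sudo(?:\[\d+\])?:\s+(?P<user>\S+) : (?P<rest>.*)$")
SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "fish"}

SAMPLE = [  # constructed log lines
    "Jan 12 04:50:11 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart rsyslog",
    "Jan 12 04:51:02 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash",
    "Jan 12 04:52:40 web01 sudo:      bob : TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/bash setup-linux.sh -s 192.0.2.10",
    "Jan 12 04:53:05 web01 sudo:      bob : command not allowed ; TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/su -",
    "Jan 12 04:54:19 web01 sudo:    carol : TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/su -",
]

def parse_sudo_line(line):
    """Return a dict for one sudo command record, or None for any other line."""
    m = HEAD_RE.search(line.rstrip("\n"))
    if not m:
        return None
    head, sep, command = m["rest"].partition("COMMAND=")  # COMMAND is the last field
    if not sep:
        return None
    rec = {"invoker": m["user"], "command": command, "note": None}
    for part in head.split(" ; "):
        key, eq, val = part.strip().partition("=")
        if eq:
            rec[key.lower()] = val   # tty, pwd, user (the run-as account)
        elif key:
            rec["note"] = key        # failure text, e.g. "command not allowed"
    return rec

def opens_shell(rec):
    """True when the logged command is an interactive shell or su session."""
    argv = rec["command"].split()
    if not argv:
        return False
    prog, args = os.path.basename(argv[0]), argv[1:]
    runs_command = any(a.startswith("--command") or
                       (a.startswith("-") and not a.startswith("--") and "c" in a)
                       for a in args)
    if prog == "su":
        return not runs_command
    return prog in SHELLS and not runs_command and all(a.startswith("-") for a in args)

def audit_gaps(lines):
    """(invoker, run-as user, command) for each permitted sudo call that opened a shell."""
    recs = (parse_sudo_line(line) for line in lines)
    return [(r["invoker"], r.get("user"), r["command"])
            for r in recs if r and r["note"] is None and opens_shell(r)]
```

Records that carry a failure note are skipped because the command never ran; lines written directly by sudo's `logfile` option use a different, wrapped layout and are not handled here.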