https://linoxide.com/linux-how-to/tlog-tool-record-play-terminal-io-sessions
Tlog is a terminal I/O recording and playback package for Linux distributions. It is suitable for implementing centralized user session recording. It logs everything that passes through as JSON messages. The primary purpose of logging in JSON format is to eventually deliver the recorded data to a storage service such as Elasticsearch, where it can be searched and queried, and from where it can be played back. At the same time, the messages retain all the passed data and timing.
Tlog contains three tools namely tlog-rec, tlog-rec-session and tlog-play.
The tlog-rec tool is used for recording terminal input or output of programs or shells in general.
The tlog-rec-session tool is used for recording I/O of whole terminal sessions, with protection from recorded users.
The tlog-play tool is used for playing back the recordings.
Installation
Before proceeding with the install, we need to ensure that our system meets all the software requirements for compiling and installing the application. As the first step, update your system repositories and software packages using the command below.
# yum update
We need to install the required dependencies for this software installation. I've installed all dependency packages with these commands prior to the installation.
# yum install wget gcc
# yum install systemd-devel json-c-devel libcurl-devel m4
After completing these installations, we can download the source package for this tool and extract it on the server as required:
# wget https://github.com/Scribery/tlog/releases/download/v3/tlog-3.tar.gz
# tar -xvf tlog-3.tar.gz
# cd tlog-3
Now you can start building this tool using the usual configure and make approach.
# ./configure --prefix=/usr --sysconfdir=/etc && make
# make install
# ldconfig
Finally, you need to run ldconfig. It creates the necessary links and cache to the most recent shared libraries found in the directories specified on the command line, in the file /etc/ld.so.conf, and in the trusted directories (/lib and /usr/lib).
Tlog workflow chart
First, a user authenticates at login via PAM. The Name Service Switch (NSS) then provides the information that tlog is the user's shell. This starts the tlog session, which collects information about the actual shell from the environment and config files and starts that shell in a PTY. It then logs everything passing between the terminal and the PTY via syslog or sd-journal.
Usage
You can test whether session recording and playback work in general with a freshly installed tlog by recording a session into a file with tlog-rec and then playing it back with tlog-play.
Recording to a file
To record a session into a file, execute tlog-rec on the command line as follows:
tlog-rec --writer=file --file-path=tlog.log
This command records the terminal session to a file named tlog.log, saved at the path specified in the command.
Playing back from a file
You can play back the recorded session during or after recording using the tlog-play command.
tlog-play --reader=file --file-path=tlog.log
This command reads the previously recorded file tlog.log from the file path given on the command line.
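Because the file writer stores the session as JSON messages, a recording such as tlog.log can be checked for completeness before it is relied on as an audit record. The following Python code is an added example, not part of the original article or the tlog project; it assumes one JSON message per line and the field names host, user, session, id and out_txt, with id counting up from 1 within each session, and it runs on constructed sample lines.

```python
import json
from collections import defaultdict

# Constructed sample, not real tlog output: one JSON message per line, trimmed
# to the fields used below. The field names and ids starting at 1 per session
# are assumptions to verify against the schema of the tlog version you deploy.
SAMPLE_LOG = "\n".join([
    r'{"host":"srv1","user":"alice","session":7,"id":1,"out_txt":"$ id\r\n"}',
    r'{"host":"srv1","user":"bob","session":9,"id":1,"out_txt":"$ ls\r\n"}',
    r'{"host":"srv1","user":"alice","session":7,"id":2,"out_txt":"uid=1000\r\n"}',
    r'{"host":"srv1","user":"alice","session":7,"id":4,"out_txt":"$ exit\r\n"}',
    r'{"host":"srv1","user":"bob","session":9,"id":2,"out_t',  # truncated write
])
REQUIRED = ("host", "user", "session", "id")

def load_messages(text):
    """Parse one message per line; return (messages, unusable line numbers)."""
    msgs, bad = [], []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            msg = json.loads(line)
        except ValueError:
            bad.append(n)  # cut-off or corrupted line
            continue
        ok = isinstance(msg, dict) and all(k in msg for k in REQUIRED)
        if ok and isinstance(msg["id"], int):
            msgs.append(msg)
        else:
            bad.append(n)  # valid JSON but not a usable message
    return msgs, bad

def audit(messages):
    """Group by (host, user, session); report id gaps and reassembled output."""
    sessions = defaultdict(list)
    for m in messages:
        sessions[(m["host"], m["user"], m["session"])].append(m)
    report = {}
    for key, msgs in sessions.items():
        msgs.sort(key=lambda m: m["id"])
        ids = [m["id"] for m in msgs]
        missing = sorted(set(range(1, ids[-1] + 1)) - set(ids))
        output = "".join(m.get("out_txt", "") for m in msgs)
        report[key] = {"messages": len(ids), "missing_ids": missing, "output": output}
    return report

if __name__ == "__main__":
    msgs, bad = load_messages(SAMPLE_LOG)
    print("unusable lines:", bad)
    for key, info in audit(msgs).items():
        print(key, info["messages"], "messages, missing ids:", info["missing_ids"])
```

A gap in the ids or an unusable line means part of the session is absent from the file, so playback of that recording will not show everything the user did.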