Friday 6 March 2015

Extended logging with SNOOPY

When it comes to security, snoopy is a handy tool for system engineers. Snoopy logs every command that is executed, together with the details of the user who ran it, to '/var/log/secure'.

Installing and uninstalling snoopy is very easy.

Installation procedure:
-------
cd /var/tmp/
wget http://pkgs.fedoraproject.org/repo/pkgs/snoopy/snoopy/1.9.0.tar.gz/809b8503ab795893e0f931cfdac34cbf/snoopy-1.9.0.tar.gz
tar xvf snoopy-1.9.0.tar.gz
cd snoopy-snoopy-1.9.0    # extracted directory, as it appears in the prompt further down
./configure
make
make install
make enable
-------

The above steps will enable snoopy, and we will be able to see the logs in detail in "/var/log/secure".

Uninstall snoopy:
--------------------
If we need to uninstall snoopy, the steps are as below:
-----
vi /etc/ld.so.preload    # remove the content in the file
rm /usr/local/lib/snoopy.so
-----

Now if you run "make enable", you will see the message below, because snoopy.so is no longer there:
------
[root@rhel-test1 snoopy-snoopy-1.9.0]# make enable
./enable.sh /usr/local/lib
ERROR: /usr/local/lib/snoopy.so is not installed or is not executable
make: *** [enable] Error 1
-------
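
A check for the states the steps above can leave a host in, as an added example (not part of the original post or of snoopy itself): it looks for snoopy.so in /etc/ld.so.preload and tests the library the way the enable.sh error words it. The function name and the four state names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report whether snoopy is really active on this host.
# Defaults are the two paths used in the post; both can be overridden.
snoopy_state() {
    preload=${1:-/etc/ld.so.preload}
    lib=${2:-/usr/local/lib/snoopy.so}

    # ld.so.preload holds library paths separated by whitespace or ':';
    # '#' starts a comment. Put one entry per line and match exactly.
    listed=no
    if [ -r "$preload" ] &&
       sed 's/#.*//' "$preload" | tr ': \t' '\n\n\n' | grep -Fxq -- "$lib"
    then
        listed=yes
    fi

    # Same condition as the enable.sh message: installed and executable.
    usable=no
    if [ -f "$lib" ] && [ -x "$lib" ]; then
        usable=yes
    fi

    case "$listed/$usable" in
        yes/yes) echo enabled ;;
        # Listed but missing: ld.so prints a "cannot be preloaded" error
        # for every program started, and no commands are logged.
        yes/no)  echo broken-preload ;;
        # Library present but not in the preload file: nothing is logged.
        no/yes)  echo installed-not-enabled ;;
        *)       echo not-installed ;;
    esac
}

snoopy_state "$@"
```

On a host that is supposed to be logging, any result other than "enabled" deserves a look, since the two uninstall steps are all it takes to switch the logging off.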

Kool : Enjoy snoopy :)
