مانیتورینگ فعالیت کاربران در لینوکس با psacct
گروه آموزشی مجموعه تدبیر
Installing psacct or acct Packages
psacct or acct both are similar packages and there is not much difference between them, but the psacct package only available for rpm based distributions such as RHEL, CentOS andFedora, whereas acct package available for distributions like Ubuntu, Debian and Linux Mint.
To install psacct package under rpm based distributions issue the following yum command.
# yum install psacct
To install acct package using apt-get command under Ubuntu / Debian / Linux Mint.
$ sudo apt-get install acct OR # apt-get install acct
Starting psacct or acct service
By default psacct service is in disabled mode and you need to start it manually underRHEL/CentOS/Fedora systems. Use the following command to check the status of service.
# /etc/init.d/psacct status Process accounting is disabled.
You see the status showing as disabled, so let’s start it manually using the following both commands. These two commands will create a /var/account/pacct file and start services.
# chkconfig psacct on # /etc/init.d/psacct start Starting process accounting: [ OK ]
After starting service, check the status again, you will get status as enabled as shown below.
# /etc/init.d/psacct status Process accounting is enabled.
Under Ubuntu, Debian and Mint service is started automatically, you don’t need to start it again.
Display Statistics of Users Connect Time
ac command without specifying any argument will displays total statistics of connect time in hours based on the user logins/logouts from the current wtmp file.
# ac
total 1814.03
Display Statistics of Users Day-wise
Using command “ac -d” will prints out the total login time in hours by day-wise.
# ac -d
Sep 17 total 5.23 Sep 18 total 15.20 Sep 24 total 3.21 Sep 25 total 2.27 Sep 26 total 2.64 Sep 27 total 6.19 Oct 1 total 6.41 Oct 3 total 2.42 Oct 4 total 2.52 Oct 5 total 6.11 Oct 8 total 12.98 Oct 9 total 22.65 Oct 11 total 16.18
Display Time Totals for each User
Using command “ac -p” will print the total login time of each user in hours.
# ac -p
root 1645.18
tecmint 168.96
total 1814.14
Display Individual User Time
To get the total login statistics time of user “tecmint” in hours, use the command as.
# ac tecmint
total 168.96
Display Day-Wise Logn Time of User
The following command will prints the day-wise total login time of user “tecmint” in hours.
# ac -d tecmint
Oct 11 total 8.01 Oct 12 total 24.00 Oct 15 total 70.50 Oct 16 total 23.57 Oct 17 total 24.00 Oct 18 total 18.70 Nov 20 total 0.18
Print All Account Activity Information
The “sa” command is used to print the summary of commands that were executed by users.
# sa
2 9.86re 0.00cp 2466k sshd*
8 1.05re 0.00cp 1064k man
2 10.08re 0.00cp 2562k sshd
12 0.00re 0.00cp 1298k psacct
2 0.00re 0.00cp 1575k troff
14 0.00re 0.00cp 503k ac
10 0.00re 0.00cp 1264k psacct*
10 0.00re 0.00cp 466k consoletype
9 0.00re 0.00cp 509k sa
8 0.02re 0.00cp 769k udisks-helper-a
6 0.00re 0.00cp 1057k touch
6 0.00re 0.00cp 592k gzip
6 0.00re 0.00cp 465k accton
4 1.05re 0.00cp 1264k sh*
4 0.00re 0.00cp 1264k nroff*
2 1.05re 0.00cp 1264k sh
2 1.05re 0.00cp 1120k less
2 0.00re 0.00cp 1346k groff
2 0.00re 0.00cp 1383k grotty
2 0.00re 0.00cp 1053k mktemp
2 0.00re 0.00cp 1030k iconv
2 0.00re 0.00cp 1023k rm
2 0.00re 0.00cp 1020k cat
2 0.00re 0.00cp 1018k locale
2 0.00re 0.00cp 802k gtbl
Where
- 9.86re is a “real time” as per wall clock minutes
- 0.01cp is a sum of system/user time in cpu minutes
- 2466k is a cpu-time averaged core usage, i.e. 1k units