Adding further to what Joseph has provided, if you are looking a solution from CA / Broadcom, you can look at deploying CA PAM SC endpoint application on the target device (applicable to Unix target devices), and after deployment, you can enable keyboard logger feature.
The keyboard logger feature would capture all the key strokes performed by the logged in user and save the same in a Audit file and this audit data can be exported to test format.
You can test this in your test environment on a few of your Linux hosts and also look at all the use cases for the end client along with PAM SC endpoint and CA PAM being integrated.
Thanks,
Reatesh.
------------------------------
Principal Support Engineer
Broadcom
------------------------------
Original Message:
Sent: 07-08-2019 11:50 AM
From: Joseph Fry
Subject: User Activity logs on ca Pam
I don't believe this is possible. Session recordings is the only way to see what was done during the session... at least from PAM.
You might look to see if you can record sessions locally on the end device. On linux this can be done using 'ttyrec' or 'script'... not sure about others. This blog post (not affiliated or supported by broadcom) has a decent description on using script to record user sessions: https://www.2daygeek.com/automatically-record-all-users-terminal-sessions-activity-linux-script-command/
I believe that this was a feature request (text based session recording dump), along with the ability to export video sessions to a portable video format, however I am not aware if this is on the product roadmap.
Joe
Original Message:
Sent: 07-06-2019 05:04 AM
From: Prachi.Nirav Chandan
Subject: User Activity logs on ca Pam
Hello,
Can we get users complete activity logs in text format other then session recordings?
Example: User logged in on ssh and performed some activities.
we want complete activity logs of that user ( each and every step) in test format.
Kindly let us know how to achieve this logs.
Regards.