0

Possible Duplicate:
Best way to monitor file system changes in linux

I need your help. How can I log activities done using SSH on a linux server - activities like create file or dir, delete file or dir, rename file or dir for a particular path. I need some solution any bash, python or php script or if there is any option in linux using which I can watch all activities done on a particular path or folder. I need to use those logs for syncing purpose.

OK, Let me explain you the entire scenario. I am working on sync tool we are using Samba for sharing all the files and folders and I need these files to be synced across the network. I grep samba log to watch the activities done by clients like create file or folder, delete file and folder and rename file or folder I am using these log for my syncing tool and its working fine. But I am only getting logs when changes are done using samba - if the change are done using SSH those activities are not logged and will not be synced. So I need to grep log for the changes made using SSH for a particular path (for example: /mnt/test) - changes made in test folder like create delete and rename.

Community
  • 1
  • 1
user1993197
  • 1
  • 1
  • 2
    Definitely this was asked here before http://stackoverflow.com/q/8381566/1328439. – Dima Chubarov Jan 19 '13 at 16:49
  • Maybe if you describe more about the problem, there might be other ways of looking at it. For example, a dry-run rsync could tell you what needs to happen to synchronize, or maybe you could just flat-out use rsync to manage the sync anyway. – Paul Dixon Jan 19 '13 at 16:49
  • I add more information about my problem. – user1993197 Jan 19 '13 at 17:26
  • use a shared filesystem, like glusterfs. Or if it isn't about filesystem synchronization between servers, check FAM. – Dutow Jan 19 '13 at 17:27

1 Answers1

0

As I understand what's happening here is this.

There is a Samba server that exports a filesystem with multiple users and a bunch of users that have direct access to the filesystem (they log on via SSH). And this filesystem needs to be replicated to another location.

The TS is developing a tool to perform the replication.

There are at least two options here.

  1. A more conventional way to do this would be to run rsync between the two locations at regular intervals. Thus the replicas will not be always consistent, but it is easy and the system is partition tolerant and available. That is this this method chooses "A" and P" from the "CAP" theorem.

  2. Another method inspired by the popularity of Dropbox-like cloud storage and instant replication is to watch the filesystem. That can be accomplished with inotify or fam.

    The interfaces for inotify are available in most scripting languages including Perl, Python and PHP. This trades consistency for availability. That is until a large file has been replicated it would not be accessible on the other side.

    The interfaces for FAM are available in PHP and probably other languages. See the linked question for a discussion of different filesystem monitoring APIs.

The first option is essentialy a one-liner. The second option should not be too hard either (look at the Dropbox daemon sources for an example).

Note: Replication is a recurring topic at Serverfault.com.

Community
  • 1
  • 1
Dima Chubarov
  • 16,199
  • 6
  • 40
  • 76