Scribery Session Recording
marcusquinn last edited by
- This covers your arse for anything you do with SSH support.
- Compliance & Due Diligence in server administration and access.
- Make a one instance of Cloudron able to receive the logs from another for separation of data that ought to be immutable for auditing requirements.
"The Scribery project is an effort to design and implement an Open-Source solution for recording user sessions on Linux systems.
Many companies need to have their systems used, or even managed by people they don’t entirely trust: contractors, outsourced support, peripheral IT staff, etc. It helps to know what these users or operators were doing on your systems, or even what they’re doing right now, so you can not only prevent repeated issues, but also stop an incident about to happen.
Government, medical and certain other organizations can be required by law to collect recordings of user sessions. Financial organizations require tight tracking of what's happening on their systems. Support desks also appreciate a way to look back at what exactly led to an issue, so they don’t need to talk through a user’s recollection of events.
We're working on supporting recording of text terminal sessions (e.g. login at the console, via SSH, or telnet). The recorded data includes what user enters into the terminal and sees on the screen, what commands the user executes, what files he/she accesses and how, and other data relevant to the session.
To support centralized architecture and to take the recording away from the user system where it cannot be kept safely, we stream it via the conventional logging system to a central storage. Then, the auditors, or support, can search, correlate, and playback the recordings from that central location.
The solution is being integrated with a central identity and policy management system, so that administrators could specify which users to record where centrally."
scooke last edited by
@marcusquinn Yeah, I for one would love for my screw-ups and poking-arounds to be recorded. Would sure save time on re-Googling commands!