tlog-rec-session.conf - Man Page
tlog-rec-session configuration file
Description
tlog-rec-session.conf is a JSON-format configuration file for tlog-rec-session program. Contrary to the strict JSON specification, both C and C++ style comments are allowed in the file.
The file must contain a single JSON object with the objects and fields described below. Almost all of them are optional and assume a default value. However, those that do require a value can still be omitted and specified to tlog-rec-session in other ways: through environment variables or command line.
Objects and Fields
Root object
- shell (string)
The path to the shell executable which should be spawned.
Default: "/bin/bash"
- notice (string)
A message which will be printed before starting recording and the user shell. Can be used to warn the user that the session is recorded.
Default: "\nATTENTION! Your session is being recorded!\n\n"
- latency (integer)
The number of seconds to cache captured data for before logging. The encoded data which does not reach payload size stays in memory and is not logged until this number of seconds elapses.
Minimum: 1
Default: 10- payload (integer)
The maximum encoded data (payload) size per message, bytes. As soon as payload exceeds this number of bytes, it is formatted into a message and logged.
Minimum: 32
Default: 2048- log (object)
Logged data set object, see below.
- limit (object)
Logging limit object, see below.
- file (object)
File writer object, see below.
- syslog (object)
Syslog writer object, see below.
- journal (object)
Journal writer object, see below.
- writer (string)
The type of "log writer" to use for logging. The writer needs to be configured using its dedicated parameters.
One of: "journal", "syslog", "file"
Default: "journal"
log - Logged data set object
- input (boolean)
If true, user input is logged.
Default: false
- output (boolean)
If true, terminal output is logged.
Default: true
- window (boolean)
If true, terminal window size changes are logged.
Default: true
limit - Logging limit object
- rate (integer)
The maximum rate messages could be logged at, bytes/sec.
Minimum: 0
Default: 16384- burst (integer)
The number of bytes by which logged messages are allowed to exceed the rate limit momentarily, i.e. "burstiness".
Minimum: 0
Default: 32768- action (string)
The logging limit action. If set to "pass" no logging limits will be applied. If set to "delay", logging will be throttled. If set to "drop", messages exceeding limits will be dropped.
One of: "pass", "delay", "drop"
Default: "pass"
file - File writer object
- path (string)
The "file" writer log file path.
No default.
syslog - Syslog writer object
- facility (string)
The syslog facility "syslog" writer should use for messages.
One of: "auth", "authpriv", "cron", "daemon", "ftp", "kern", "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7", "lpr", "mail", "news", "syslog", "user", "uucp"
Default: "authpriv"- priority (string)
The syslog priority "syslog" writer should use for messages.
One of: "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
Default: "info"
journal - Journal writer object
- priority (string)
The syslog-style priority "journal" writer should use for messages.
One of: "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
Default: "info"- augment (boolean)
If true, the "journal" writer copies the following JSON fields to Journal fields: user -> TLOG_USER, session -> TLOG_SESSION, rec -> TLOG_REC, and id -> TLOG_ID.
Default: true
Examples
- A configuration specifying only a shell:
{ "shell": "/usr/bin/zsh" }- A configuration enabling logging user input:
{ "log": { "input": true } }- A configuration specifying logging to a file:
{ "writer": "file" "file" : { "path": "/var/log/tlog-rec-session.log" } }
See Also
Author
Nikolai Kondrashov <spbnick@gmail.com>