Your company here ā€” click to reach over 10,000 unique daily visitors

tlog-rec-session.conf - Man Page

tlog-rec-session configuration file


tlog-rec-session.conf is a JSON-format configuration file for tlog-rec-session program. Contrary to the strict JSON specification, both C and C++ style comments are allowed in the file.

The file must contain a single JSON object with the objects and fields described below. Almost all of them are optional and assume a default value. However, those that do require a value can still be omitted and specified to tlog-rec-session in other ways: through environment variables or command line.

Objects and Fields

Root object

shell (string)

The path to the shell executable which should be spawned.

Default: "/bin/bash"

notice (string)

A message which will be printed before starting recording and the user shell. Can be used to warn the user that the session is recorded.

Default: "\nATTENTION! Your session is being recorded!\n\n"

latency (integer)

The number of seconds to cache captured data for before logging. The encoded data which does not reach payload size stays in memory and is not logged until this number of seconds elapses.

Minimum: 1
Default: 10

payload (integer)

The maximum encoded data (payload) size per message, bytes. As soon as payload exceeds this number of bytes, it is formatted into a message and logged.

Minimum: 32
Default: 2048

log (object)

Logged data set object, see below.

limit (object)

Logging limit object, see below.

file (object)

File writer object, see below.

syslog (object)

Syslog writer object, see below.

journal (object)

Journal writer object, see below.

writer (string)

The type of "log writer" to use for logging. The writer needs to be configured using its dedicated parameters.

One of: "journal", "syslog", "file"
Default: "journal"

log - Logged data set object

input (boolean)

If true, user input is logged.

Default: false

output (boolean)

If true, terminal output is logged.

Default: true

window (boolean)

If true, terminal window size changes are logged.

Default: true

limit - Logging limit object

rate (integer)

The maximum rate messages could be logged at, bytes/sec.

Minimum: 0
Default: 16384

burst (integer)

The number of bytes by which logged messages are allowed to exceed the rate limit momentarily, i.e. "burstiness".

Minimum: 0
Default: 32768

action (string)

The logging limit action. If set to "pass" no logging limits will be applied. If set to "delay", logging will be throttled. If set to "drop", messages exceeding limits will be dropped.

One of: "pass", "delay", "drop"
Default: "pass"

file - File writer object

path (string)

The "file" writer log file path.

No default.

syslog - Syslog writer object

facility (string)

The syslog facility "syslog" writer should use for messages.

One of: "auth", "authpriv", "cron", "daemon", "ftp", "kern", "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7", "lpr", "mail", "news", "syslog", "user", "uucp"
Default: "authpriv"

priority (string)

The syslog priority "syslog" writer should use for messages.

One of: "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
Default: "info"

journal - Journal writer object

priority (string)

The syslog-style priority "journal" writer should use for messages.

One of: "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
Default: "info"

augment (boolean)

If true, the "journal" writer copies the following JSON fields to Journal fields: user -> TLOG_USER, session -> TLOG_SESSION, rec -> TLOG_REC, and id -> TLOG_ID.

Default: true


A configuration specifying only a shell:
    "shell": "/usr/bin/zsh"
A configuration enabling logging user input:
    "log": {
        "input": true
A configuration specifying logging to a file:
    "writer": "file",
    "file" : {
        "path": "/var/log/tlog-rec-session.log"

See Also

tlog-rec-session(8), http://json.org/


Nikolai Kondrashov <spbnick@gmail.com>

Referenced By


February 2016 Tlog