Scroll to navigation

tlog-rec-session.conf(5) File Formats Manual tlog-rec-session.conf(5)

NAME

tlog-rec-session.conf - tlog-rec-session configuration file

DESCRIPTION

tlog-rec-session.conf is a JSON-format configuration file for tlog-rec-session program. Contrary to the strict JSON specification, both C and C++ style comments are allowed in the file.

The file must contain a single JSON object with the objects and fields described below. Almost all of them are optional and assume a default value. However, those that do require a value can still be omitted and specified to tlog-rec-session in other ways: through environment variables or command line.

OBJECTS AND FIELDS

Root object

The path to the shell executable which should be spawned.

Default: "/bin/bash"

A message which will be printed before starting recording and the user shell. Can be used to warn the user that the session is recorded.

Default: "\nATTENTION! Your session is being recorded!\n\n"

The number of seconds to cache captured data for before logging. The encoded data which does not reach payload size stays in memory and is not logged until this number of seconds elapses.

Minimum: 1
Default: 10

The maximum encoded data (payload) size per message, bytes. As soon as payload exceeds this number of bytes, it is formatted into a message and logged.

Minimum: 32
Default: 2048

Logged data set object, see below.
Logging limit object, see below.
File writer object, see below.
Syslog writer object, see below.
Journal writer object, see below.
The type of "log writer" to use for logging. The writer needs to be configured using its dedicated parameters.

One of: "journal", "syslog", "file"
Default: "journal"

log - Logged data set object

If true, user input is logged.

Default: false

If true, terminal output is logged.

Default: true

If true, terminal window size changes are logged.

Default: true

limit - Logging limit object

The maximum rate messages could be logged at, bytes/sec.

Minimum: 0
Default: 16384

The number of bytes by which logged messages are allowed to exceed the rate limit momentarily, i.e. "burstiness".

Minimum: 0
Default: 32768

The logging limit action. If set to "pass" no logging limits will be applied. If set to "delay", logging will be throttled. If set to "drop", messages exceeding limits will be dropped.

One of: "pass", "delay", "drop"
Default: "pass"

file - File writer object

The "file" writer log file path.

No default.

syslog - Syslog writer object

The syslog facility "syslog" writer should use for messages.

One of: "auth", "authpriv", "cron", "daemon", "ftp", "kern", "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7", "lpr", "mail", "news", "syslog", "user", "uucp"
Default: "authpriv"

The syslog priority "syslog" writer should use for messages.

One of: "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
Default: "info"

journal - Journal writer object

The syslog-style priority "journal" writer should use for messages.

One of: "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
Default: "info"

If true, the "journal" writer copies the following JSON fields to Journal fields: user -> TLOG_USER, session -> TLOG_SESSION, rec -> TLOG_REC, and id -> TLOG_ID.

Default: true

EXAMPLES

{

"shell": "/usr/bin/zsh" }

{

"log": {
"input": true
} }

{

"writer": "file",
"file" : {
"path": "/var/log/tlog-rec-session.log"
} }

SEE ALSO

tlog-rec-session(8), http://json.org/

AUTHOR

Nikolai Kondrashov <spbnick@gmail.com>

February 2016 Tlog