ManagedCloud Servers

High performance handled and monitored by us 24/7/365. A complete solution to provide you with our in house expertise 24/7 tailored to your specific needs. We'll setup a bespoke server for your site using the latest tehnologies so you can get the most out of your hardware and get your website loading quickly and reliably. Find out more..

cPanelCloud Servers

Recommended - High performance cloud servers with no technical knowledge required. If you're hosting multiple websites already and you're looking to consolidate, or if you're looking to isolate yourself from the shared hosting environment but you don't have the time or knoweldge to manage a server, then the Managed cPanel Servers are for you. Find out more..

UnmanagedCloud Servers

Our unmanaged range gives you complete control at rock bottom prices and our cloud platform boasts super fast multipath 40Gb/s network, the latest Intel Xeon V3 CPUs and enterprise grade redundant SSDs. If you're a sysadmin look no further, we offer some of the best specification to price ratio servers available. Find out more..

Want your very own server? Get our 1GB memory, Xeon V4, 20GB SSD VPS for £10.00 / month.

View Plans

How to Install and Use Acct to Monitor a Users Activity on Ubuntu-14.04

Introduction

Acct is an open source tool for monitoring a users activity on Linux system. It is a most important task for every system administrator to monitor all the activity by all users and processes that they are running. This will help him to analyze and identify problems of any kind.

This tool runs in the background and tracks the user activity on a system and the resources consumed by services such as MySQL, Apache, FTP, SSH etc. This tool helps you to find out how long a user is accessing the server, what command are they issuing, how many processes and displays logs for commands.

In this tutorial, we will learn how to install and use acct on Ubuntu-14.04.

Requirements

  • A server runing Ubuntu-14.04.

Installing Acct

By default acct package is available in Ubuntu-14.04 repository. You can install it by running the following command:

sudo apt-get install acct

Output:

    Get:1 http://in.archive.ubuntu.com/ubuntu/ trusty/main acct amd64 6.5.5-1ubuntu5 [80.6 kB]
    Fetched 80.6 kB in 11s (6,760 B/s)                                             
    Selecting previously unselected package acct.
    (Reading database ... 271064 files and directories currently installed.)
    Preparing to unpack .../acct_6.5.5-1ubuntu5_amd64.deb ...
    Unpacking acct (6.5.5-1ubuntu5) ...
    Processing triggers for man-db (2.6.7.1-1) ...
    Processing triggers for doc-base (0.10.5) ...
    Processing 1 added doc-base file...
    Registering documents with scrollkeeper...
    Processing triggers for install-info (5.2.0.dfsg.1-2) ...
    Processing triggers for ureadahead (0.100.0-16) ...
    ureadahead will be reprofiled on next reboot
    Setting up acct (6.5.5-1ubuntu5) ...
    Turning on process accounting, file set to '/var/log/account/pacct'.
     * Done.
    Processing triggers for ureadahead (0.100.0-16) ...

Once acct is installed, start the acct service with the following command:

sudo /etc/init.d/acct start

Output:

    Turning on process accounting, file set to '/var/log/account/pacct'.
     * Done.

Displaying the Statistics of the Total Connect Time of Users

If you want to gather information of total connect time of users, just run the following command:

ac

Output:

        total       90.02

You can also gather information day wise with option -d.

ac -d

Output:

    Oct  7    total        0.14
    Oct  9    total        6.35
    Oct 10    total        9.65
    Oct 13    total        2.10
    Oct 14    total       10.95
    Oct 15    total       15.20
    Oct 17    total       15.06
    Oct 18    total       12.57
    Today    total       18.22

Using -p switch, you can get the total login time of each user in hours:

ac -p

Output:

        vyom                                90.30
        hitesh                    20.10
        lokesh                    50.00
        raj                    10.00
        total       170.40

To get the total login time of user vyom, run the following command:

ac vyom

Output:

        total       90.68

Display the day-wise total login time of user vyom, run the following command:

ac -d vyom

Output:

    Oct  7    total        0.14
    Oct  9    total        6.35
    Oct 10    total        9.65
    Oct 13    total        2.10
    Oct 14    total       10.95
    Oct 15    total       15.20
    Oct 17    total       15.06
    Oct 18    total       12.57
    Today    total       18.76

Print All Users Activity

The sa command is used to print the information about all the command executed by the user's:

sa

Output:

       11250      42.15re       0.04cp         0avio      5051k
          18      32.39re       0.04cp         0avio      4514k   ***other*
           4       0.02re       0.00cp         0avio      5253k   dpkg
           7       0.00re       0.00cp         0avio      4490k   language-option
           5       1.72re       0.00cp         0avio      3568k   fping
           2       2.00re       0.00cp         0avio     20912k   sendmail-msp
       11088       0.00re       0.00cp         0avio      4922k   preload*
          26       0.00re       0.00cp         0avio     68266k   smbd*
          12       2.00re       0.00cp         0avio      1110k   sh
          12       0.00re       0.00cp         0avio      1144k   sendmail*
           9       0.00re       0.00cp         0avio      2611k   grep
           8       0.00re       0.00cp         0avio      1081k   run-parts
           7       0.00re       0.00cp         0avio      1111k   language-valida
           7       0.00re       0.00cp         0avio      1089k   locale
           6       0.00re       0.00cp         0avio      2862k   tr
           5       0.00re       0.00cp         0avio      6388k   bash*
           5       0.00re       0.00cp         0avio      1086k   ac
           4       2.01re       0.00cp         0avio      6444k   cron*
           3       0.00re       0.00cp         0avio      1111k   acct
           3       0.00re       0.00cp         0avio     25696k   sendmail-mta*
           3       0.00re       0.00cp         0avio      2864k   touch
           3       0.00re       0.00cp         0avio      2856k   basename
           3       0.00re       0.00cp         0avio      2271k   rm
           3       0.00re       0.00cp         0avio      2269k   cat
           3       0.00re       0.00cp         0avio       700k   accton
           2       2.00re       0.00cp         0avio      1144k   sendmail
           2       0.00re       0.00cp         0avio      2154k   sed

You can use -u switch to print individual users activity on system:

sa -u

Output:

    root       0.00 cpu     1050k mem      0 io accton          
    root       0.00 cpu     1111k mem      0 io acct            
    root       0.00 cpu     1111k mem      0 io invoke-rc.d     
    root       0.00 cpu     1111k mem      0 io acct.postinst   
    root       0.00 cpu     1111k mem      0 io ureadahead.post 
    root       0.15 cpu     6528k mem      0 io dpkg            
    root       0.00 cpu     2864k mem      0 io touch           
    root       0.00 cpu     1111k mem      0 io sh              
    root       0.00 cpu    26272k mem      0 io apt-get         *
    root       0.00 cpu     4828k mem      0 io dpkg            
    root       0.00 cpu     4828k mem      0 io dpkg            
    root       0.00 cpu     4828k mem      0 io dpkg            
    root       2.09 cpu    12658k mem      0 io apt-get         

Printing Number of Processes

You can use -m switch with sa command to print the total number of processes and CPU minutes.

sa -m

Output:

                                        13457      46.67re       0.05cp         0avio      5052k
    root                                13361      37.93re       0.04cp         0avio      5068k
    vyom                                   54       0.03re       0.01cp         0avio      2432k
    smmsp                                  36       6.00re       0.00cp         0avio      3063k
    smokeping                               6       2.71re       0.00cp         0avio      3568k

You can print the highest percentage of users using -c switch:

sa -c

Output:

       16283  100.00%      91.14re  100.00%       0.06cp  100.00%         0avio      5055k
          15    0.09%      68.25re   74.89%       0.04cp   71.60%         0avio      4620k   ***other*
           7    0.04%       1.80re    1.98%       0.01cp   19.34%         0avio      2294k   sa
           4    0.02%       0.02re    0.02%       0.00cp    4.53%         0avio      5253k   dpkg
           7    0.04%       0.00re    0.00%       0.00cp    2.42%         0avio      4490k   language-option
           7    0.04%       3.04re    3.34%       0.00cp    0.91%         0avio      3568k   fping
           2    0.01%       2.00re    2.20%       0.00cp    0.60%         0avio     20912k   sendmail-msp
           2    0.01%       0.00re    0.00%       0.00cp    0.60%         0avio      4496k   dhclient-script
       16086   98.79%       0.00re    0.00%       0.00cp    0.00%         0avio      4922k   preload*
          38    0.23%       0.00re    0.00%       0.00cp    0.00%         0avio     68268k   smbd*
          12    0.07%       2.00re    2.20%       0.00cp    0.00%         0avio      1110k   sh
          12    0.07%       0.00re    0.00%       0.00cp    0.00%         0avio      1144k   sendmail*
          10    0.06%       0.00re    0.00%       0.00cp    0.00%         0avio      1080k   run-parts
           9    0.06%       0.00re    0.00%       0.00cp    0.00%         0avio      2611k   grep
           7    0.04%       0.00re    0.00%       0.00cp    0.00%         0avio      1111k   language-valida
           7    0.04%       0.00re    0.00%       0.00cp    0.00%         0avio      1089k   locale
           6    0.04%       0.00re    0.00%       0.00cp    0.00%         0avio      2862k   tr
           5    0.03%       0.00re    0.00%       0.00cp    0.00%         0avio      6388k   bash*
           5    0.03%       0.00re    0.00%       0.00cp    0.00%         0avio      1086k   ac
           4    0.02%       2.01re    2.20%       0.00cp    0.00%         0avio      6444k   cron*
           4    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio     25696k   sendmail-mta*
           4    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio      2154k   sed
           4    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio      1974k   rm
           4    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio      1972k   cat
           3    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio      1111k   acct
           3    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio      2864k   touch
           3    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio      2856k   basename
           3    0.02%       0.00re    0.00%       0.00cp    0.00%         0avio       700k   accton
           2    0.01%      10.00re   10.97%       0.00cp    0.00%         0avio         0k   kworker/u8:3*
           2    0.01%       2.00re    2.20%       0.00cp    0.00%         0avio      1144k   sendmail
           2    0.01%       0.00re    0.00%       0.00cp    0.00%         0avio      3208k   resolvconf
           2    0.01%       0.00re    0.00%       0.00cp    0.00%         0avio      4494k   dhclient-script*
           2    0.01%       0.00re    0.00%       0.00cp    0.00%         0avio      3208k   resolvconf*

List Out Last Executed Commands

If you want to get list of last executed command by users, run the following command:

lastcomm

Output:

    apt-get          S     root     pts/2      2.09 secs Wed Oct 19 22:57
    dpkg                   root     pts/2      0.00 secs Wed Oct 19 22:58
    dpkg                   root     pts/2      0.00 secs Wed Oct 19 22:58
    dpkg                   root     pts/2      0.00 secs Wed Oct 19 22:58
    apt-get           F    root     pts/2      0.00 secs Wed Oct 19 22:58
    sh                     root     pts/2      0.00 secs Wed Oct 19 22:58
    touch                  root     pts/2      0.00 secs Wed Oct 19 22:58
    dpkg                   root     pts/4      0.15 secs Wed Oct 19 22:58
    ureadahead.post        root     pts/4      0.00 secs Wed Oct 19 22:58
    acct.postinst          root     pts/4      0.00 secs Wed Oct 19 22:58
    invoke-rc.d            root     pts/4      0.00 secs Wed Oct 19 22:58
    acct                   root     pts/4      0.00 secs Wed Oct 19 22:58
    accton           S     root     pts/4      0.00 secs Wed Oct 19 22:58

To list out the information about last command executed by user vyom, run the following command:

lastcomm vyom

Output: ``` language-bash lastcomm vyom pts/4 0.00 secs Wed Oct 19 23:38 lastcomm vyom pts/4 0.77 secs Wed Oct 19 23:37 sa vyom pts/4 0.31 secs Wed Oct 19 23:25 sa vyom pts/4 0.01 secs Wed Oct 19 23:22 ac vyom pts/4 0.00 secs Wed Oct 19 23:20 ac vyom pts/4 0.00 secs Wed Oct 19 23:18 ac vyom pts/4 0.00 secs Wed Oct 19 23:12 ac vyom pts/4 0.00 secs Wed Oct 19 23:12 language-valida vyom __ 0.00 secs Wed Oct 19 23:08 language-option vyom __ 0.01 secs Wed Oct 19 23:08 sh vyom __ 0.00 secs Wed Oct 19 23:08 grep vyom __ 0.00 secs Wed Oct 19 23:08 locale vyom __ 0.00 secs Wed Oct 19 23:08 language-valida vyom __ 0.00 secs Wed Oct 19 23:08 language-option vyom __ 0.01 secs Wed Oct 19 23:08 sh vyom __ 0.00 secs Wed Oct 19 23:08 grep vyom __ 0.00 secs Wed Oct 19 23:08 locale vyom __ 0.00 secs Wed Oct 19 23:08 language-valida vyom __ 0.00 secs Wed Oct 19 23:08 language-option vyom __ 0.01 secs Wed Oct 19 23:08 sh vyom __ 0.00 secs Wed Oct 19 23:08 grep vyom __ 0.00 secs Wed Oct 19 23:08 locale vyom __ 0.00 secs Wed Oct 19 23:08 language-valida vyom __ 0.00 secs Wed Oct 19 23:08 language-option vyom __ 0.01 secs Wed Oct 19 23:08 sh vyom __ 0.00 secs Wed Oct 19 23:08 grep vyom __ 0.00 secs Wed Oct 19 23:08 locale vyom __ 0.00 secs Wed Oct 19 23:08 language-valida vyom __ 0.00 secs Wed Oct 19 23:08 language-option vyom __ 0.02 secs Wed Oct 19 23:08 sh vyom __ 0.00 secs Wed Oct 19 23:08 grep vyom __ 0.00 secs Wed Oct 19 23:08 locale vyom __ 0.00 secs Wed Oct 19 23:08 language-valida vyom __ 0.00 secs Wed Oct 19 23:08 language-option vyom __ 0.01 secs Wed Oct 19 23:08 sh vyom __ 0.00 secs Wed Oct 19 23:08 grep vyom __ 0.00 secs Wed Oct 19 23:08 locale vyom __ 0.00 secs Wed Oct 19 23:08 language-valida vyom __ 0.00 secs Wed Oct 19 23:08 language-option vyom __ 0.01 secs Wed Oct 19 23:08 sh vyom __ 0.00 secs Wed Oct 19 23:08 grep vyom __ 0.00 secs Wed Oct 19 23:08 locale vyom __ 0.00 secs Wed Oct 19 23:08 ac vyom pts/4 0.00 secs Wed Oct 19 23:08 bash F vyom pts/4 0.00 secs Wed Oct 19 23:08 bash F vyom pts/4 0.00 secs Wed Oct 19 23:08 ls vyom pts/4 0.00 secs Wed Oct 19 23:08 bash F vyom pts/4 0.00 secs Wed Oct 19 23:08 dircolors vyom pts/4 0.00 secs Wed Oct 19 23:08 bash F vyom pts/4 0.00 secs Wed Oct 19 23:08 lesspipe vyom pts/4 0.00 secs Wed Oct 19 23:08 lesspipe F vyom pts/4 0.00 secs Wed Oct 19 23:08 dirname vyom pts/4 0.00 secs Wed Oct 19 23:08 basename vyom pts/4 0.00 secs Wed Oct 19 23:08 bash F vyom pts/4 0.00 secs Wed Oct 19 23:08 groups vyom pts/4 0.00 secs Wed Oct 19 23:08

Want your very own server? Get our 1GB memory, Xeon V4, 20GB SSD VPS for £10.00 / month.

View Plans