This article applies to BoKS Manager versions 6.6.2 through 7.1.
For keystroke log level 4, control of what and how much to log was configured using an ENV parameter on the local machine. This made it possible for a local administrator to manipulate these settings and for example turn off logging of input and output completely so only a keystroke log file with metadata was produced.
Resolution / Workaround
To resolve this problem, download and install:
HFBM-0232 for BoKS Manager 7.1,
HFBM-0231 for BoKS Manager 7.0,
HFBM-0230 for BoKS Manager 6.7.x, or
HFBM-0241 for BoKS Manager 6.6.2
from the HelpSystems Community Portal.
Keystroke log level 4 will now have the same defaults as for keystroke log level 3. However, now there is support for controlling the amount of input and output to log using modifiers on the Access Rule allowing SUEXEC access with keystroke logging.
- kslsize gives the maximum size for the keystroke log file before a new one is started. It can be set in kilobytes (postfix 'k' or 'K') or megabytes (postfix 'm' or 'M'). Minimum is 10k.
- ksltime gives the approximate time before a new keystroke log file is started. It can be set in minutes (postfix 'm' or 'M') or hours (postfix 'h' or 'H').
- kslog_max_input controls how much input is logged between outputs. It can be set in bytes, kilobytes (postfix 'k' or 'K') or megabytes (postfix 'm' or 'M'). For example kslog_max_input=10k. 0 will disable logging of input. The default if not present is to log everything.
- kslog_max_output controls how much output is logged between inputs. It can be set in bytes, kilobytes (postfix 'k' or 'K') or megabytes (postfix 'm' or 'M'). For example kslog_max_output=10k. 0 will disable logging of output. The default if not present is to log output in accordance with the specified keystroke log level.
The support for turning on and off logging depending on whether or not the terminal is set for echo has been dropped since it was questionable from a security standpoint (a user could turn off echoing and execute commands that were then not logged).
Still have questions? We can help. Submit a case to Technical Support.