Chapter 2. Deploying Session Recording on RHEL
In this section we cover how to deploy the Session Recording solution on a Red Hat Enterprise Linux system.
Prerequisites
To be able to deploy the Session Recording solution you need to have the following packages installed: tlog
, SSSD, cockpit-session-recording
.
2.1. Installing tlog
Install the tlog
packages.
Procedure
Use the following command:
# yum install tlog
2.2. Installing cockpit-session-recording
The basic web console packages are a part of Red Hat Enterprise Linux 8 by default. To be able to use the Session Recording solution, you have to install the cockpit-session-recording
packages and start or enable the web console on your system:
Procedure
Install
cockpit-session-recording
.# yum install cockpit-session-recording
Start or enable the web console on your system:
# systemctl start cockpit.socket
or
# systemctl enable cockpit.socket --now
When you have all the necessary packages installed, you can move on to configuring your recording parameters.
2.3. Configuring the recorded users or user groups with SSSD from the CLI
If you choose to manage recorded users or user groups with SSSD, which is the recommended option, every user’s original shell will be preserved.
Procedure
To specify which users or user groups you want to record from the command-line interface (CLI), modify open the
sssd-session-recording.conf
configuration file:# vi /etc/sssd/conf.d/sssd-session-recording.conf
NoteThe
sssd-session-recording.conf
file is created automatically once you have opened the configuration page in the web console interface.Specify the scope of recorded users or user groups, either enter:
-
none
to record no sessions. -
some
to record only specified sessions. -
all
to record all sessions.
-
-
In case you choose
some
as a scope of recorded users or groups, add their names divided by commas to the file.
Example 2.1. SSSD configuration
In the following example users example1
and example2
, and group examples
have session recording enabled.
[session_recording] scope = some users = example1, example2 groups = examples
2.4. Configuring the recorded users or user groups with SSSD from web UI
Second option for specifying recorded users or user groups using SSSD is to list them directly in the RHEL 8 web console.
Procedure
-
Connect to the RHEL 8 web console locally by entering
localhost:9090
or by entering your IP address<IP_ADDRESS>:9090
to your browser. Log in to the RHEL 8 web console.
ImportantYour user has to have administrator privileges to be able to view te recorded sessions.
- Go to the Session Recording page in the menu on the left of the interface.
Click on the gear button in the right top corner.
Set your parameters in the SSSD Configuration table. Names in the Users and Groups lists should be divided by commas.
Example 2.2. Configuration of recorded users with SSSD
2.5. Configuration of recorded users or user groups without SSSD
Be aware that this practice is not recommended to use. The preferred option is to configure your recorded users via SSSD either from command-line interface or directly from the RHEL 8 web console.
If choose to manually change the user’s shell, their working shell will be the one that is listed in the tlog-rec-session.conf
configuration file.
If you do not want to use SSSD for specifying recorded user or user groups it is possible to directly change the shell of the user you want to record to /usr/bin/tlog-rec-session
:
# chsh <user_name> Changing shell for <user_name>. New shell [</old/shell/location>]
2.6. Exporting recorded sessions to a file
You can export your recorded sessions and their logs and copy them.
The following procedure shows how to export recorded sessions on a local system.
Prerequisites
Install the systemd-journal-remote
package.
# yum install systemd-journal-remote
Procedure
Create the
/tmp/dir
directory:# mkdir /tmp/dir
Run the
journalctl -o export
command:# journalctl -o export | /usr/lib/systemd/systemd-journal-remote -o /tmp/dir/example.journal -
This creates an export file from the system journal with all its entities. You can then copy the exported file to the /var/log/journal/
directory on any other host. For your convenience, you can also create the /var/log/journal/remote/
directory for export files from remote hosts.