# Add content in /etc/.cshrc# Log C shell(tcsh) user login and commandhistoryset up_client_ip=`(who am i|cut -d\(-f2|cut -d\) -f1)`set up_flag=`echo $up_client_ip|awk -F '($1~/[0-9]+.[0-9]+.[0-9]+.[0-9]+/)'`if ( $up_flag == "" ) thenset -r up_client_ip=`grep"$up_client_ip" /etc/hosts|cut -f1`elseset -r up_client_ip=`(who am i|cut -d\(-f2|cut -d\) -f1)`endifset -r up_nowtime=`(date +"%Y-%m-%d%T")`if ( $user == `(id|cut -d\( -f2|cut -d\)-f1)` && "$0" == "tcsh" )  then               echo >/dev/null;      else               logger -p user.notice --class=\"HOST_LOGIN\" type=\"2\" time=\"$up_nowtime\" src_ip=\"$up_client_ip\" dst_ip=\"192.168.100.90\" primary_user=\"\" secondary_user=\"`id|cut-d\( -f2|cut -d\) -f1`\" operation=\"\" content=\"loginsuccessful\" authen_status=\"Success\" log_level=\"1\" session_id=\"$$\" >/dev/nullendifalias precmd 'logger -p user.notice --class=\"HOST_COMMAND\" type=\"3\" time=\"`date+"%Y-%m-%d %T"`\" src_ip=\"$up_client_ip\" dst_ip=\"192.168.100.90\" primary_user=\"\" secondary_user=\"`id|cut -d\( -f2|cut -d\) -f1`\" operation=\"`history 1 | cut -f3-`\" content=\"command\" authen_status=\"\" log_level=\"1\" session_id=\"$$\">/dev/null'

# Add content in /etc/.login# Log C shell(csh)user login and commandhistoryswitch ($shell) case */csh:      set up_nowtime=`date +"%Y-%m-%d %T"`      set up_client_ip=`(who am i|cut -d\( -f2|cut -d\) -f1)`      set up_flag=`echo $up_client_ip|awk -F '($1 ~/[0-9]+.[0-9]+.[0-9]+.[0-9]+/)'`      if ( $up_flag == "" ) then      set up_client_ip=`grep "$up_client_ip" /etc/hosts|cut -f1`      endif   logger -p user.notice -- class=\"HOST_LOGIN\"type=\"2\" time=\"$up_nowtime\" src_ip=\"$up_client_ip\" dst_ip=\"192.168.100.90\" primary_user=\"\" secondary_user=\"`id|cut -d\( -f2|cut -d\) -f1`\" operation=\"\" content=\"login successful\" authen_status=\"Success\" log_level=\"1\" session_id=\"$$\" >/dev/null   breaksw default:   breakswendsw