AnsweredAssumed Answered

Bash history being filled up in UNIX systems by Qualys scan

Question asked by void on Feb 24, 2016
Latest reply on Mar 18, 2016 by Albert Ros

When performing a VM scan on a NIX system in our environment its been brought to my attention that the scan causes the BASH history for root to be filled up thereby losing visibility of 'more interesting' events logged by normal processes/users.  Additionally, this also may start to impact our IR teams ability to forensically review command history for a system.  My question: Has anyone else here faced a similar problem and, if so, what was your approach to fixing it?  Yes we could increase the history size or perform tweaks but Im just wondering if there is something a little more elegant that can be done.

Outcomes