Login Get Started
Hostxpeed
Login Get Started →
Security

How to Log All sudo Commands

5 min read
24 views
Jun 11, 2026

Step 1: Create Log Directory

sudo mkdir -p /var/log/sudo-commands
sudo chmod 750 /var/log/sudo-commands

Step 2: Configure Sudo Logging

sudo visudo

Add:

Defaults log_output
Defaults logfile=/var/log/sudo-commands/sudo.log
Defaults log_year
Defaults log_host
Defaults syslog=auth
Defaults loglinelen=0

Step 3: Use sudoreplay to Playback

sudo sudoreplay -l
sudo sudoreplay session_id

Step 4: Monitor Logs

sudo tail -f /var/log/sudo-commands/sudo.log

Was this article helpful?