CommandLog_Command

the commandlog command contains the kron pam proxy command logs commands used via ssh/telnet, sftp, and sql proxy are stored in the database and sent to the syslog server, if they are defined the packets are sent to the server in the following format sessionid specific id of the log in the pam database username the username used to log in to pam and execute the command host kron pam host ip tenantid tenant, the command log was captured sessionstarttime when the session started sessionendtime when the session finished globalusername globalusername that used for authentication clientip source ip of the device that executed the command commandtime exact time the command was executed command executed command allowed if the executed command is allowed by the administrator or not if allowed=true authorized, the command can be executed if allowed=false unauthorized, the command can’t be executed instancename which instance executed the command devicegroups group name of the device on which the command is executed context indicates the terminal session context in which the command was executed example the test user executes the date command, configured as white key on kron pam {sessionid='c033da3ee9c2e6798d6bd3cd', username='test', host='10 10 10 10', tenantid='krontech', sessionstarttime=2025 04 24 12 33 51 499, sessionendtime=2025 04 24 12 34 26 153, globalusername='root', clientip='10 0 1 1', commandtime=2025 04 24 12 34 26 141, command='date', allowed=true, instancename='localhost localdomain', devicegroups=null, context='\[root\@xxx ]'} the test user executes the logout command, configured as black key on kron pam {sessionid='c033da3ee9c2e6798d6bd3cd', username='test', host='10 10 10 10', tenantid='krontech', sessionstarttime=2025 04 24 12 33 51 499, sessionendtime=2025 04 24 12 34 26 153, globalusername='root', clientip='10 0 1 1', commandtime=2025 04 24 12 34 26 141, command='logout', allowed=false, instancename='localhost localdomain', devicegroups=null, context='\[root\@xxx ]'}