I noticed that there is always three users logged on the remote servers that I am montoring. After checking the process with ps -aux, there was only one person logged onto the remote server which was myself. I have not noticed anything unusual in the services other than the process of my remote connection to the server. Is there a number of users that always stay logged onto a Unix/linux system? Or is it an error with nagios?
I am also wanting to monitor the times that users are logged onto remote servers. This would be nice in order to monitor any unusual activity or a possible successful hacker receiving access to a server. Is there a way to monitor the times that users log onto hosts and have nagios sent out notifications for this?
Any help or suggestions would be greatly appreciated.