We're using Solar Winds to pull various information out of exim logs using bash scripts that tells us the most common addresses of accounts sending out e-mails. The data that we're getting back is good, but we've run into a major problem.
We sometimes rely on the bash command history of the root user (the above scripts run as root) to see what commands other admins may have run on the servers. However, the command history is getting spammed with the following blocks:
993 2014-07-03 13:36:15 PS1='__SOLAR_WINDS_APM__'
994 2014-07-03 13:36:15 cd .
995 2014-07-03 13:36:15 pwd
996 2014-07-03 13:36:15 cat>/root/./APM_1526844318.pl
997 2014-07-03 13:36:15 chmod +x /root/./APM_1526844318.pl
998 2014-07-03 13:36:15 sh /root/./APM_1526844318.pl
999 2014-07-03 13:36:15 echo $?
1000 2014-07-03 13:36:15 rm -f /root/./APM_1526844318.pl
These are the bash commands that Solar Winds is issuing to the server once it logs in with the SSH credentials in order to run the requested scripts. Is there some way to force Solar Winds to execute the commands so that they aren't added to the bash history, or possibly direct its input to some other history file?
