This is on a HP-UX system.

I need to merge the 2 reports, for each line in syslog I need to lookup who was logged in to the pts/# based on the time from the last.txt report.

Here is what I get from sulog.log

cat syslog | grep "su:" | grep "Jun 14"


Jul 14 08:02:48 server1 su: - 2 user1-root
Jul 14 09:13:23 server1 su: + 2 user1-root
Jul 14 12:03:03 server1 su: + 2 user1-root
Jul 14 18:15:13 server1 su: + 3 user2-root
Jul 14 15:03:01 server1 su: + 4 user7-root

- 2 = pts/2
+ 2 = pts/2
+ 3 = pts/3
etc....





This is from last report:

head last.txt | grep "Jul 14"
user1 pts/2 10.0.0.1 Thu Jul 14 08:00 - 10:00 (02:00)
user1 pts/2 10.0.0.2 Thu Jul 14 11:00 - 13:00 (02:00)
user2 pts/3 10.0.0.3 Wed Jul 14 16:00 - 20:00 (04:00)
user7 pts/4 hostx Wed Jul 14 13:25 - 16:01 (02:35)
.
.
.
.

So I could get:

Jul 14 08:02:48 server1 su: - 2 user1-root 10.0.0.1
Jul 14 09:13:23 server1 su: + 2 user1-root 10.0.0.1
Jul 14 12:03:03 server1 su: + 2 user1-root 10.0.0.2
Jul 14 18:15:13 server1 su: + 3 user2-root 10.0.0.3
Jul 14 15:03:01 server1 su: + 4 user7-root hostx

Any assistance would be great.