08-03-2009
Unix Security - SU logs
Hi,
Hope its good with everyone.
I have the below su logs and i dont understand the bolded numbers. can someone help me please.
Jul 24 11:55:50 su: - 8 username
Jul 24 12:12:40 su: - 10 username
Jul 26 11:15:32 su: - 7 username
I understand these are failed logins but what does that number (8,10,7) indicate??
Thanks for helping.
-Indra
9 More Discussions You Might Find Interesting
1. UNIX Desktop Questions & Answers
hi
my name es juan
i have sco open server 5.0.4 release
i need clear the log files as wtmp
thanks you very much (1 Reply)
Discussion started by: jtapia
1 Replies
2. HP-UX
Hi All,
Can anybody tell me, how to trace out user access to the Unix Server Machine, (i,e) I want to find out the user who had executed some commands to alter the cron file.
Regards
Nag (3 Replies)
Discussion started by: nag_sundaram
3 Replies
3. UNIX for Dummies Questions & Answers
Hi.
Is there a way or command (other than netstat) in Unix to find out or get a list a users who FTP into a particular server? Like, say last 1000 users. I need to get the user ID (any info), who FTP to a particular server.
netstat gives only the users who have an FTp session currently.
... (2 Replies)
Discussion started by: manisendhil
2 Replies
4. Linux
Hi,
I need to get a hostory of users who FTP into a server. How can I do it in Linux/Unix? Is there a command for this? I do not want to use netstat -a as it gives only the list of users who have a session currently on the server. Can this be done with the "last" command?
Please do let me... (0 Replies)
Discussion started by: manisendhil
0 Replies
5. UNIX for Advanced & Expert Users
Hi,
I'm working in an application and the related Java code and the envrionment is in Unix server. We are generating the log messages using loggers of Java.util.log . But, the logs are not getting generated in the log files.
We feel that the people who developed the system might have done some... (6 Replies)
Discussion started by: kelangovan
6 Replies
6. UNIX for Advanced & Expert Users
Hi !
I have a FTP site, where I softlinked my server log file.
Now I want to view the logs in IE as I do in unix
Some kind of free tool should be there, Can somebody provide me a pointer.
Thanks. (0 Replies)
Discussion started by: dashok.83
0 Replies
7. UNIX for Advanced & Expert Users
Hi.
Is there a way or command (other than netstat) in Unix to find out or get a list a users who FTP into a particular server? Like, say last 1000 users. I need to get the user ID (any info), who FTP to a particular server.
netstat gives only the users who have an FTp session currently.
... (4 Replies)
Discussion started by: manisendhil
4 Replies
8. UNIX for Dummies Questions & Answers
Can any one give a explaination with examples on how to understand file transmission log files in Unix for inbound and outbound traffic. (1 Reply)
Discussion started by: ITDev01
1 Replies
9. UNIX for Dummies Questions & Answers
I'm working on Logs Management System. it requires from all Unix servers to send their logs files to a specific (IP, Port).
Please help me to get the right conf on logs files to send them to that IP and port.
Any suggestions are highly appreciated.
:o:o (0 Replies)
Discussion started by: kinan adra
0 Replies
fspy(1) User Commands fspy(1)
NAME
fspy - filesystem activity monitoring tool
SYNOPSIS
fspy [options] [file/dir]
OPTIONS
-F, --filter STRING/REGEX
a string or regular expression which will be used to filter the output. (the regex will be matched against the whole path e.g.
[/etc/passwd])
-I, --inverted STRING/REGEX
its the same like -F/--filter but inverted. you can combine both. e.g. -F '.conf' -I 'wvdial.conf' will filter for files with
".conf" in its name but without "wvdial.conf" in it.
-R, --recursive NUMBER
enables the recursive engine to look at a depth of NUMBER.
-A, --adaptive
(HIGHLY-EXPERIMENTAL) enables the adaptive mode. e.g. if new items will be added within the path fspy will automatically add those
items to the watch list.
-D, --diff VALUE
(EXPERIMENTAL) enables the diffing feature. VALUE may be a comma separated list of: s - element size (byte) A - last access time
(e.g. Mon Jul 21 21:32:31 2008) M - last modification time (e.g. Mon Jul 21 21:32:31 2008) S - last status change time (e.g. Mon Jul
21 21:32:31 2008) O - permissions (octal) U - owner (uid) G - group (gid) I - inode number D - device id
-T, --type VALUE
specifies the type of objects to look for. VALUE may be a comma separated list of: f - regular file d - directory s - symlink p -
FIFO/pipe c - character device b - block device o - socket default is any.
-O, --output VALUE
specifies output format. VALUE may be a comma separated list of: f - filename p - path d - access description t - element type s -
element size (byte) w - watch descriptor (inotify manpage) c - cookie (inotify manpage) m - access mask (inotify manpage | src/fsev-
ents.h) l - len (inotify manpage) A - last access time (e.g. Mon Jul 21 21:32:31 2008) M - last modification time (e.g. Mon Jul 21
21:32:31 2008) S - last status change time (e.g. Mon Jul 21 21:32:31 2008) O - permissions (octal) U - owner (uid) G - group (gid) I
- inode number D - device id T - date and time (for this event) (e.g. Tue Mar 25 09:23:16 CET 2008) e.g.: '[,T,], ,d,:,p,f' would
result in: '[Mon Sep 1 12:31:25 2008] file was opened:/etc/passwd' (take a look at the README).
-h, --help
this short help.
--version
version information.
AUTHOR
fspy is Copyright 2008-2009, Richard Sammet
This manual page was written by Giuseppe Iuculano <giuseppe@iuculano.it>, for the Debian project (but may be used by others).
fspy 0.1.0 January 2009 fspy(1)