Sudo logging need year details also


 
Thread Tools Search this Thread
Operating Systems Solaris Sudo logging need year details also
# 1  
Old 12-13-2012
Sudo logging need year details also

Hi All

I have a requirement in which during sudo logging, I must get the year details also in sudo log file. As below output is not mentioning the year due to this I will not able to idenfiy that this log belong to 2012 or 2011 or 2010


Code:
Dec 12 11:30:21 XYZ sudo: [ID 702911 local2.notice]   user1 : TTY=pts/5 ; PWD=/export/home/user1 ; USER=root ; COMMAND=/usr/bin/cat /var/log/sudo.log

Please let me know how can we do that

Last edited by jim mcnamara; 12-18-2012 at 12:57 PM.. Reason: code tags
# 2  
Old 12-18-2012
You could rotate the log out yearly or monthly, with the date bits in the file name.
# 3  
Old 12-18-2012
You could also add a cron job to add a timestamp including the year into the log once in a while.
# 4  
Old 12-18-2012
The man pages for sudo seem to vary for some reason (depending on the OS I guess), but there is an option which allows including the year in the logging that can be added into the sudoers file:

Code:
Defaults log_year

# 5  
Old 12-18-2012
It is best practices to have a file life cycle that supports keeping system records together by time. A system log file that is never rotated or truncated is just not healthy, may grow to be a problem.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

2. UNIX for Dummies Questions & Answers

at -l doesnt give details of the scheduled job. How to get the details?

I have scheduled couple of shell scripts to run using 'at' command. The o/p of at -l is: $ at -l 1320904800.a Thu Nov 10 01:00:00 2011 1320894000.a Wed Nov 9 22:00:00 2011 1320876000.a Wed Nov 9 17:00:00 2011 $ uname -a SunOS dc2prcrptetl2 5.9 Generic_122300-54 sun4u sparc... (2 Replies)
Discussion started by: superparticle
2 Replies

3. Shell Programming and Scripting

ssh foo.com sudo command - Prompts for sudo password as visible text. Help?

I am writing a BASH script to update a webserver and then restart Apache. It looks basically like this: #!/bin/bash rsync /path/on/local/machine/ foo.com:path/on/remote/machine/ ssh foo.com sudo /etc/init.d/apache2 reloadrsync and ssh don't prompt for a password, because I have DSA encryption... (9 Replies)
Discussion started by: fluoborate
9 Replies

4. AIX

How to find the year in last login details

Hi Friends I have a query. we had a requirement to see the last login details of our users so I ran the command last <username> and the output i get is: wtmp begins Apr 17 21:48 Now I need to know couple of things: 1. How can I see the year this log is being read from wtmp file 2. Is... (4 Replies)
Discussion started by: nathandrake13
4 Replies

5. UNIX for Advanced & Expert Users

change io logging directory sudo 1.7.4p6

There was an update in sudo 1.7.5 : -The I/O log directory may now be specified in the sudoers file. I am stuck using sudo 1.7.4p6. Because it is supported by HP on thier HP-UX builds. Is there a process to change this directory in sudo 1.7.4p6? currently sudo 1.7.4p6's default is... (3 Replies)
Discussion started by: trimike
3 Replies

6. UNIX for Dummies Questions & Answers

Unable to use the Sudo command. "0509-130 Symbol resolution failed for sudo because:"

Hi! I'm very new to unix, so please keep that in mind with the level of language used if you choose to help :D Thanks! When attempting to use sudo on and AIX machine with oslevel 5.1.0.0, I get the following error: exec(): 0509-036 Cannot load program sudo because of the following errors:... (1 Reply)
Discussion started by: Chloe123
1 Replies

7. HP-UX

sudo or su logging

Jul 14 08:02:40 servera sshd: Accepted keyboard-interactive/pam for someuser from x.x.x.x port 1406 ssh2 Jul 14 08:02:48 servera su: - 1 someuser-root Jul 14 08:03:03 servera sudo: someuser : TTY=pts/1 ; PWD=/home/someuser ; USER=root ; COMMAND=/usr/bin/su - Jul 14 08:03:03 servera su: + 1... (3 Replies)
Discussion started by: Ikon
3 Replies

8. UNIX for Dummies Questions & Answers

logging SFTP details in a log file...

hi all..... i want to know how to log the details when logging into a server using SFTP......in FTP i used something like (ftp -uv<xxx.srp>>log_file.log) where the details will be logged to log_file...is there any options for doing the same in SFTP....i wanted to display the details abt... (4 Replies)
Discussion started by: santy
4 Replies

9. UNIX for Dummies Questions & Answers

sudo logging + NFS hang?

Hi all, I have two problems, My system is SunOS 5.9: 1- I have installed sudo but I have a problem logging user activities on other hosts, the way I installed it is that I installed sudo and the sudoers file in a shared directory on a NFS server which is mounted by all computers on the... (1 Reply)
Discussion started by: neked
1 Replies

10. UNIX for Advanced & Expert Users

Logging all commands after a sudo su-

Hi there, It might seem tricky, I confess. We use sudo to allow people to initiate priviledged commands (but not all commands) on our Unix systems. To by pass this, some people initiate the sudo su - command ; The main issue is to 'know' what those people do when they gain root access.... (4 Replies)
Discussion started by: linuxmtl
4 Replies
Login or Register to Ask a Question