02-24-2006
Reporting SU and Failedlogins
Hi:-
I am working on an audit report that produces a monthly summary of account activity on a particular AIX host. I am struggling with su activity and failed logins as these tend to come back with more then a month's data.
Is there a easy way that these files can be rotated/cleaned out on a monthly bases or a way to query /var/adm/sulog or /etc/security/failedlogins so that they only report on the last 30 days?
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have to do a lot of reporting for the company that I work for and was wondering if anyone had suggestions for a way to create professional looking reports. I currently use Filepro so much that I rarely see the shell. Any help is appreciated. (3 Replies)
Discussion started by: Mike11
3 Replies
2. UNIX for Dummies Questions & Answers
Hi everyone, I'm completely new to the board and to UNIX and I have the following question regarding a script I am building.
I am trying to copy an entire directory into a new directory and I was wondering if there is any way of printing on screen a progress report, for example a percentage. It... (9 Replies)
Discussion started by: Ypnos
9 Replies
3. UNIX for Dummies Questions & Answers
Hi,
First post, please bare with me.
I am currently using SNMP on Nagios to monitor Exim and all is running great with the exception to it picking up the date / time of the last Exim queue run.
What I am hoping to achieve is for SNMP / Nagios to correctly pickup the difference between the... (1 Reply)
Discussion started by: theblueproject
1 Replies
4. UNIX for Dummies Questions & Answers
I am very new to unix/linux and am unsure how to do the following tasks within my script
1) append a log file and add a timestamped echo "Error occured" to it, if posibble to print it to file and on screen at the same time would be even better.
2) As my main script will be calling on a couple... (1 Reply)
Discussion started by: shamwick
1 Replies
5. Filesystems, Disks and Memory
Hi.
How do you guys, monitor/report your Storage environment? I have people (don't we all? ) that like to have monthly reports on space (raw/assigned/available), ports available/used, switches and the such.
Do you use anything special? Or are you like me, a nice big Excel spreadsheet? How... (1 Reply)
Discussion started by: Stephan
1 Replies
6. Shell Programming and Scripting
I need to accomplish the following task -
I have a number of accounts for a number of applications that i deploy on a unix server. There are a number of directories for each account in /prod/apps directory. eg. For an account Application1 I have /prod/apps/Application1_1 /prod/apps/Application1_2... (4 Replies)
Discussion started by: niranjandighe
4 Replies
7. Solaris
Hi,
I am hunting for a low cost Monitoring & Reporting Tool for the SUN Environment.
I have all and all SUN Environment with LDOMs, Zones.
The monitoring Tool
1. Hardware failure.
2. Disk space and failure.
3. LDOMS,Zones.
4. CPU,Memory Utilization.
5. ping,URL Monitors
6. Send... (4 Replies)
Discussion started by: menonk
4 Replies
8. Shell Programming and Scripting
Below is a typical report
each of the lines represent the fields in the report
component1
component2
<pattern>
..
..
n lines ...
..
VIOL = 2
the command should display
component1
component2
VIOL = 2
only if pattern field of the report is "good"
component1 and... (8 Replies)
Discussion started by: dll_fpga
8 Replies
9. SCO
Hi,
I am using SCO UNIX version 6.0.0 release 5. I am using du and df space to see the used space in the / partition. I am using du -k option to get count in 1024 k so that it directly makes kb. In dfspace I subtracted the used mb from total size mb which should be the used space and then... (40 Replies)
Discussion started by: dextergenious
40 Replies
LEARN ABOUT OPENSOLARIS
sar
sar(1M) System Administration Commands sar(1M)
NAME
sar, sa1, sa2, sadc - system activity report package
SYNOPSIS
/usr/lib/sa/sadc [t n] [ofile]
/usr/lib/sa/sa1 [t n]
/usr/lib/sa/sa2 [-aAbcdgkmpqruvwy] [-e time] [-f filename]
[-i sec] [-s time]
DESCRIPTION
System activity data can be accessed at the special request of a user (see sar(1)) and automatically, on a routine basis, as described
here. The operating system contains several counters that are incremented as various system actions occur. These include counters for CPU
utilization, buffer usage, disk and tape I/O activity, TTY device activity, switching and system-call activity, file-access, queue activ-
ity, inter-process communications, and paging. For more general system statistics, use iostat(1M), sar(1), or vmstat(1M).
sadc and two shell procedures, sa1 and sa2, are used to sample, save, and process this data.
sadc, the data collector, samples system data n times, with an interval of t seconds between samples, and writes in binary format to ofile
or to standard output. The sampling interval t should be greater than 5 seconds; otherwise, the activity of sadc itself may affect the sam-
ple. If t and n are omitted, a special record is written. This facility can be used at system boot time, when booting to a multi-user
state, to mark the time at which the counters restart from zero. For example, when accounting is enabled, the svc:/system/sar:default ser-
vice writes the restart mark to the daily data file using the command entry:
su sys -c "/usr/lib/sa/sadc /var/adm/sa/sa'date +%d'"
The shell script sa1, a variant of sadc, is used to collect and store data in the binary file /var/adm/sa/sadd, where dd is the current
day. The arguments t and n cause records to be written n times at an interval of t seconds, or once if omitted. The following entries in
/var/spool/cron/crontabs/sys will produce records every 20 minutes during working hours and hourly otherwise:
0 * * * 0-6 /usr/lib/sa/sa1
20,40 8-17 * * 1-5 /usr/lib/sa/sa1
See crontab(1) for details.
The shell script sa2, a variant of sar, writes a daily report in the file /var/adm/sa/sardd. See the OPTIONS section in sar(1) for an
explanation of the various options. The following entry in /var/spool/cron/crontabs/sys will report important activities hourly during the
working day:
5 18 * * 1-5 /usr/lib/sa/sa2 -s 8:00 -e 18:01 -i 1200 -A
FILES
/tmp/sa.adrfl
address file
/var/adm/sa/sadd
Daily data file
/var/adm/sa/sardd
Daily report file
/var/spool/cron/crontabs/sys
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWaccu |
+-----------------------------+-----------------------------+
SEE ALSO
crontab(1), sag(1), sar(1), svcs(1), timex(1), iostat(1M), svcadm(1M), vmstat(1M), attributes(5), smf(5)
NOTES
The sar service is managed by the service management facility, smf(5), under the service identifier:
svc:/system/sar
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The ser-
vice's status can be queried using the svcs(1) command.
SunOS 5.11 20 Aug 2004 sar(1M)