Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Reporting SU and Failedlogins
Top Forums Shell Programming and Scripting Reporting SU and Failedlogins Post 100161 by DogDay on Friday 24th of February 2006 08:51:08 AM
Old 02-24-2006
There are a couple of ways to address this.

One is by truncating the wtmp/failedlogin files with fwtmp.

From the fwtmp man page:
Code:
 1. To convert a binary record in wtmp format to an ASCII record called
     dummy.file, enter:

     /usr/sbin/acct/fwtmp < /var/adm/wtmp > dummy.file

     The content of a binary wtmp file is redirected to a dummy ASCII file.
  2. To convert an ASCII dummy.file to a binary file in wtmp format called
     /var/adm/wtmp, enter the fwtmp command with the -ic switch:

     /usr/sbin/acct/fwtmp -ic < dummy.file > /var/adm/wtmp

     The dummy ASCII file is redirected to a binary wtmp file.

After step 1. you could remove X number of lines or manually edit it etc...

Or the easier way:

Code:
who failedlogin|grep $(date +"%b")

Which returns the current months records. Its not the proper way to get that information as the string for February may be found in the username or hostname etc... The proper way would be to use awk and compare $(date +"%b") with $3.

Or you could simply truncate the file on the first of every month with:

Code:
> /var/adm/wtmp
> /etc/security/failedlogin


Good luck.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Reporting

I have to do a lot of reporting for the company that I work for and was wondering if anyone had suggestions for a way to create professional looking reports. I currently use Filepro so much that I rarely see the shell. Any help is appreciated. (3 Replies)
Discussion started by: Mike11
3 Replies

2. UNIX for Dummies Questions & Answers

Progress reporting

Hi everyone, I'm completely new to the board and to UNIX and I have the following question regarding a script I am building. I am trying to copy an entire directory into a new directory and I was wondering if there is any way of printing on screen a progress report, for example a percentage. It... (9 Replies)
Discussion started by: Ypnos
9 Replies

3. UNIX for Dummies Questions & Answers

SNMP time reporting

Hi, First post, please bare with me. I am currently using SNMP on Nagios to monitor Exim and all is running great with the exception to it picking up the date / time of the last Exim queue run. What I am hoping to achieve is for SNMP / Nagios to correctly pickup the difference between the... (1 Reply)
Discussion started by: theblueproject
1 Replies

4. UNIX for Dummies Questions & Answers

Error reporting script

I am very new to unix/linux and am unsure how to do the following tasks within my script 1) append a log file and add a timestamped echo "Error occured" to it, if posibble to print it to file and on screen at the same time would be even better. 2) As my main script will be calling on a couple... (1 Reply)
Discussion started by: shamwick
1 Replies

5. Filesystems, Disks and Memory

Storage Monitoring/Reporting?

Hi. How do you guys, monitor/report your Storage environment? I have people (don't we all? ) that like to have monthly reports on space (raw/assigned/available), ports available/used, switches and the such. Do you use anything special? Or are you like me, a nice big Excel spreadsheet? How... (1 Reply)
Discussion started by: Stephan
1 Replies

6. Shell Programming and Scripting

Disk space reporting

I need to accomplish the following task - I have a number of accounts for a number of applications that i deploy on a unix server. There are a number of directories for each account in /prod/apps directory. eg. For an account Application1 I have /prod/apps/Application1_1 /prod/apps/Application1_2... (4 Replies)
Discussion started by: niranjandighe
4 Replies

7. Solaris

Monitoring and Reporting Solutions

Hi, I am hunting for a low cost Monitoring & Reporting Tool for the SUN Environment. I have all and all SUN Environment with LDOMs, Zones. The monitoring Tool 1. Hardware failure. 2. Disk space and failure. 3. LDOMS,Zones. 4. CPU,Memory Utilization. 5. ping,URL Monitors 6. Send... (4 Replies)
Discussion started by: menonk
4 Replies

8. Shell Programming and Scripting

Reporting lines above a particular pattern

Below is a typical report each of the lines represent the fields in the report component1 component2 <pattern> .. .. n lines ... .. VIOL = 2 the command should display component1 component2 VIOL = 2 only if pattern field of the report is "good" component1 and... (8 Replies)
Discussion started by: dll_fpga
8 Replies

9. SCO

du and dfspace reporting

Hi, I am using SCO UNIX version 6.0.0 release 5. I am using du and df space to see the used space in the / partition. I am using du -k option to get count in 1024 k so that it directly makes kb. In dfspace I subtracted the used mb from total size mb which should be the used space and then... (40 Replies)
Discussion started by: dextergenious
40 Replies

LEARN ABOUT OPENSOLARIS

fwtmp

fwtmp(1M)						  System Administration Commands						 fwtmp(1M)

NAME

       fwtmp, wtmpfix - manipulate connect accounting records

SYNOPSIS

       /usr/lib/acct/fwtmp [-ic]

       /usr/lib/acct/wtmpfix [file]...

DESCRIPTION

       fwtmp  reads  from  the	standard input and writes to the standard output, converting binary records of the type found in /var/adm/wtmpx to
       formatted ASCII records. The ASCII version is useful when it is necessary to edit  bad records.

       wtmpfix examines the standard input or named files in utmpx format, corrects the time/date stamps  to  make  the  entries  consistent,  and
       writes  to  the standard output. A hyphen (-) can be used in place of file to indicate the standard input. If time/date corrections are not
       performed, acctcon(1M) will fault when it encounters certain date-change records.

       Each time the date is set, a pair of date change records are written to /var/adm/wtmpx. The first record is the old  date  denoted  by  the
       string  "old time" placed in the line field and the flag OLD_TIME placed in the type field of the utmpx structure. The second record speci-
       fies the new date and is denoted by the string new time placed in the line field and the flag NEW_TIME placed in the  type  field.  wtmpfix
       uses these records to synchronize all time stamps in the file.

       In addition to correcting time/date stamps, wtmpfix will check the validity of the name field to ensure that it consists solely of alphanu-
       meric characters or spaces. If it encounters a name that is considered invalid, it will change the login name to INVALID and write a  diag-
       nostic to the standard error. In this way, wtmpfix reduces the chance that acctcon will fail when processing connect accounting records.

OPTIONS

       -ic    Denotes that input is in ASCII form, and output is to be written in binary form.

FILES

       /var/adm/wtmpx	 history of user access and administration information

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWaccu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       acctcom(1),  ed(1),  acct(1M),  acctcms(1M),  acctcon(1M),  acctmerg(1M),  acctprc(1M),	acctsh(1M),  runacct(1M),  acct(2), acct.h(3HEAD),
       utmpx(4), attributes(5)

SunOS 5.11							    22 Feb 1999 							 fwtmp(1M)
All times are GMT -4. The time now is 05:15 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy