02-22-2002
Are your people logging into the initial unix server from a PC?
What we do, is assign each PC a unique id. We can trace the login id via the PC id which shows up in the finger command.
Also, our system has /usr/var/adm/syslog.dated files.. which trace all root logins and what device they are coming from. You could then trace the device.
Hope this helps
10 More Discussions You Might Find Interesting
1. IP Networking
hi everybody ,
i have a solaris 5.6 box and i want to trace the route on an ip i treid traceroute but soalris 5.6 does not support it ...
is there a command that can be used equivelent to traceroute ?
thanks for your help (2 Replies)
Discussion started by: ppass
2 Replies
2. Shell Programming and Scripting
Does anyone know if there is a util out there to run through a shell script and be able to trace the function call tree. I have inherited some code and the original author was ****mad**** keen on functions - even ones called only once!
If anyone knows of anything I would appreciate it - web... (3 Replies)
Discussion started by: ajcannon
3 Replies
3. UNIX for Dummies Questions & Answers
Can someone help me with commands to trace DHCP on an HP_UX box?
Thanks! (0 Replies)
Discussion started by: nuGuy
0 Replies
4. HP-UX
Hi,
Last day, In one of our unix boxes there was an issue wherein few of the directory structures were missing / got deleted.
Is there any way by which we can find how it happened, I mean by going through syslog / which user had run what command?
Thanks for your help (3 Replies)
Discussion started by: vivek_damodaran
3 Replies
5. HP-UX
on HP-Unix how can i trace user for example "xxx999" ? (4 Replies)
Discussion started by: salhoub
4 Replies
6. Shell Programming and Scripting
Hi
I am working in ksh and getting the trace after trying to remove the file which in some cases does not exist:
$ my_script
loadfirm.dta.master: No such file or directory
The code inside the script which produces this trace is the following:
] || rm ${FILE}.master >> /dev/null
for... (3 Replies)
Discussion started by: aoussenko
3 Replies
7. Solaris
Hi
I would like to display only error messages from my log files while monotring application on my solaris box using tail command.
Is there other way we can monitor please let me know?
In general # tail -f "xyz.log' ---> this will display current activity of the logs, instead i would like... (4 Replies)
Discussion started by: gkrishnag
4 Replies
8. UNIX for Dummies Questions & Answers
Hi,
I am an oracle DBA pretty new to unix. We had one of the filesystems full and a colleague cleared some stuffs to create more space. I just checked now and found there is now more space available. How do i find exactly what he cleared? We have oracle database installed and its a RAC... (4 Replies)
Discussion started by: dollypee
4 Replies
9. Shell Programming and Scripting
Hi All
Thought it would be kind of fun to implement a stack trace for a shell script that calls functions within a sub shell. This is for bash under Linux and probably not portable -
#! /bin/bash
error_exit()
{
echo "======================="
echo $1
echo... (4 Replies)
Discussion started by: steadyonabix
4 Replies
10. AIX
Hi,
is it possible to trace everything about user that changes from its own user to root user, failed and successful attempts (I would need user and IP address of user that was trying to do that)?
I tried adding auth.notice and auth.info in syslog.conf but it only tracks user withoud IP... (6 Replies)
Discussion started by: sprehodec
6 Replies
trace(5) File Formats Manual trace(5)
Name
trace - system call tracer device
Description
The file is the system call trace device. It supports the following system calls: and The device supports 16 (configurable in as TR_USRS)
simultaneous users. It uses an 8192-byte buffer for trace records. The choice of which system calls to trace is done with the system call.
The call is used for efficient reading of the device. The call uses an 8192-byte buffer and returns when the buffer is 60% full. It is
required that the user use a buffer the same size as the system buffer size defined in as TR_BUFSIZE. All operations are defined in the
header file, The calls are:
--------------------------------
ioctl arg (pointer to)
--------------------------------
IOTR_GETOFF int a
IOTR_GETON int a
IOTR_GETALL int a
IOTR_GETPIDS int a[10]
IOTR_GETUIDS int a[10]
IOTR_GETSYSC int a[10]
IOTR_GETPGRP int a[10]
IOTR_SETOFF int a
IOTR_SETON int a
IOTR_SETALL int a
IOTR_SETPIDS int a[10]
IOTR_SETUIDS int a[10]
IOTR_SETSYSC int a[10]
IOTR_SETPGRP int a[10]
--------------------------------
Examples
A prototype example (with missing parts):
char cmd[BUFSIZ],buf[TR_BUFSIZ];
int pgrp[10],i;
fd = open("/dev/trace",0); /* open the device */
pgrp[0] = dofork(cmd); /* fork the command to trace */
for (i=1;i<TR_PGRP;i++) /* dofork sleeps 2 seconds while */
pgrp[i] = 0; /* we set up to do the trace */
i = ioctl(fd,IOTR_SETPGRP,pgrp);/* set up for the trace */
/* select code goes here */
read(fd,buf,sizeof(buf));
See Also
trace(1), close(2), ioctl(2), open(2), read(2), select(2)
trace(5)