07-16-2008
Acutally I have no idea the format of the Solaris audit files which is part of the problem. I did some initial searches but could not find specifics on what the records would look like.
6 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Can someone please suggest a script to make the following into one single (continuous) line so that a pattern search can be carried out on the resulting single line.
Note : Sample (may be shorter or longer) and will be contained in a text file
... (6 Replies)
Discussion started by: nmsinghe
6 Replies
2. Shell Programming and Scripting
Not sure what happened, this page/code always worked before, no changes were made to the code, only the box was powered down, moved and powered back up, the code seems to still be doing its job but spewing out these errors right on the page.
Again no changes were made.
Warning: strtotime()... (1 Reply)
Discussion started by: ippy98
1 Replies
3. Web Development
I'm trying to set an admin password for MySQL using the following command:
$ /usr/local/mysql/bin/mysqladmin -u root -p new_password
But, I get the following error message?
/usr/local/mysql/bin/mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user... (2 Replies)
Discussion started by: Abder-Rahman
2 Replies
4. What is on Your Mind?
I'm currently a Windows admin and have wanted to jump ship to the *nix side for a while now. I've been studying both through an lpic level 1 manual as I have time (focusing on debian), and a solaris 10 cert book. The problem is I only have a handful of hours a week to study, and my current job... (3 Replies)
Discussion started by: bobwilson
3 Replies
5. What is on Your Mind?
I am planning to choose my career as Unix/Linux Admin or a DBA. But I have come to know from forums and few admins like the job will be 24/7. I have few questions on that.
Can we get "DAY" shifts in any one of the admin Job ?
Can't we have shift timings in any company ?
Eventhough the... (7 Replies)
Discussion started by: Jacktts
7 Replies
6. Post Here to Contact Site Administrators and Moderators
I made a change in either my my User Control Panel or Miscelleneous. I may have switched to a mobile format.
This is what I do NOT want.
Dropbox - NotWhatIWant.png
This is how I would like to returned to.
Dropbox - WhatIWant.png (4 Replies)
Discussion started by: drew77
4 Replies
AULAST:(8) System Administration Utilities AULAST:(8)
NAME
aulast - a program similar to last
SYNOPSIS
aulast [ options ] [ user ] [ tty ]
DESCRIPTION
aulast is a program that prints out a listing of the last logged in users similarly to the program last and lastb. Aulast searches back
through the audit logs or the given audit log file and displays a list of all users logged in (and out) based on the range of time in the
audit logs. Names of users and tty's can be given, in which case aulast will show only those entries matching the arguments. Names of ttys
can be abbreviated, thus aulast 0 is the same as last tty0.
The pseudo user reboot logs in each time the system is rebooted. Thus last reboot will show a log of all reboots since the log file was
created.
The main difference that a user will notice is that aulast print events from oldest to newest, while last prints records from newest to
oldest. Also, the audit system is not notified each time a tty or pty is allocated, so you may not see quite as many records indicating
users and their tty's.
OPTIONS
--bad Report on the bad logins.
--extract
Write raw audit records used to create the displayed report into a file aulast.log in the current working directory.
-f file
Use the file instead of the audit logs for input.
--proof
Print out the audit event serial numbers used to determine the preceeding line of the report. A Serial number of 0 is a place holder
and not an actual event serial number. The serial numbers can be used to examine the actual audit records in more detail. Also an
ausearch query is printed that will let you find the audit records associated with that session.
--stdin
Take audit records from stdin.
EXAMPLES
To see this month's logins
ausearch --start this-month --raw | aulast --stdin
SEE ALSO
last(1), lastb(1), ausearch(8), aureport(8).
AUTHOR
Steve Grubb
Red Hat Nov 2008 AULAST:(8)