Sponsored Content
Special Forums Cybersecurity Help - Made a serious admin error Post 302215447 by jtbates on Wednesday 16th of July 2008 10:41:03 AM
Old 07-16-2008
Acutally I have no idea the format of the Solaris audit files which is part of the problem. I did some initial searches but could not find specifics on what the records would look like.
 

6 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Can this be made into one single line?

Can someone please suggest a script to make the following into one single (continuous) line so that a pattern search can be carried out on the resulting single line. Note : Sample (may be shorter or longer) and will be contained in a text file ... (6 Replies)
Discussion started by: nmsinghe
6 Replies

2. Shell Programming and Scripting

strtotime() error - no changes made

Not sure what happened, this page/code always worked before, no changes were made to the code, only the box was powered down, moved and powered back up, the code seems to still be doing its job but spewing out these errors right on the page. Again no changes were made. Warning: strtotime()... (1 Reply)
Discussion started by: ippy98
1 Replies

3. Web Development

Error when trying to set Admin password in MySQL

I'm trying to set an admin password for MySQL using the following command: $ /usr/local/mysql/bin/mysqladmin -u root -p new_password But, I get the following error message? /usr/local/mysql/bin/mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user... (2 Replies)
Discussion started by: Abder-Rahman
2 Replies

4. What is on Your Mind?

Windows Admin switching to *nix Admin

I'm currently a Windows admin and have wanted to jump ship to the *nix side for a while now. I've been studying both through an lpic level 1 manual as I have time (focusing on debian), and a solaris 10 cert book. The problem is I only have a handful of hours a week to study, and my current job... (3 Replies)
Discussion started by: bobwilson
3 Replies

5. What is on Your Mind?

Regarding Admin life either as DBA or UNIX Linux admin

I am planning to choose my career as Unix/Linux Admin or a DBA. But I have come to know from forums and few admins like the job will be 24/7. I have few questions on that. Can we get "DAY" shifts in any one of the admin Job ? Can't we have shift timings in any company ? Eventhough the... (7 Replies)
Discussion started by: Jacktts
7 Replies

6. Post Here to Contact Site Administrators and Moderators

Fix a change I made

I made a change in either my my User Control Panel or Miscelleneous. I may have switched to a mobile format. This is what I do NOT want. Dropbox - NotWhatIWant.png This is how I would like to returned to. Dropbox - WhatIWant.png (4 Replies)
Discussion started by: drew77
4 Replies
AULAST:(8)						  System Administration Utilities						AULAST:(8)

NAME
aulast - a program similar to last SYNOPSIS
aulast [ options ] [ user ] [ tty ] DESCRIPTION
aulast is a program that prints out a listing of the last logged in users similarly to the program last and lastb. Aulast searches back through the audit logs or the given audit log file and displays a list of all users logged in (and out) based on the range of time in the audit logs. Names of users and tty's can be given, in which case aulast will show only those entries matching the arguments. Names of ttys can be abbreviated, thus aulast 0 is the same as last tty0. The pseudo user reboot logs in each time the system is rebooted. Thus last reboot will show a log of all reboots since the log file was created. The main difference that a user will notice is that aulast print events from oldest to newest, while last prints records from newest to oldest. Also, the audit system is not notified each time a tty or pty is allocated, so you may not see quite as many records indicating users and their tty's. OPTIONS
--bad Report on the bad logins. --extract Write raw audit records used to create the displayed report into a file aulast.log in the current working directory. -f file Use the file instead of the audit logs for input. --proof Print out the audit event serial numbers used to determine the preceeding line of the report. A Serial number of 0 is a place holder and not an actual event serial number. The serial numbers can be used to examine the actual audit records in more detail. Also an ausearch query is printed that will let you find the audit records associated with that session. --stdin Take audit records from stdin. EXAMPLES
To see this month's logins ausearch --start this-month --raw | aulast --stdin SEE ALSO
last(1), lastb(1), ausearch(8), aureport(8). AUTHOR
Steve Grubb Red Hat Nov 2008 AULAST:(8)
All times are GMT -4. The time now is 06:54 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy