Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help Required: Command to find IP address and command executed of a user
Special Forums Cybersecurity Help Required: Command to find IP address and command executed of a user Post 302222408 by redoubtable on Wednesday 6th of August 2008 08:12:48 PM
Old 08-06-2008
Like era said, accouting will do the job, but it will only give you the commands executed by a given user, not the IP address he/she used to enter your machine.

For something really accurate you could use grsecurity's patches which specially create a proc entry with the ip address of the user who created a given process.

Not sure if selinux would help you with this.

RSBAC also gives you IP information in its logs.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

how to find the exit status for the last executed command

I am executing a find command in my script i.e find $2 -type f -name '*.gif' -mtime +$1 -exec rm {} \; how do i check that this command is executed properly.. i would lke t trap the errror and display my error message kinly help.. this is an urgent issue. (1 Reply)
Discussion started by: vijay.amirthraj
1 Replies

2. UNIX for Dummies Questions & Answers

Is there a unix command to find ALL hostnames for an ip address?

I am trying to determine if there are several url/host names for an IP address. Is there a UNIX command to find ALL host names for an IP address? Thank you in advance. (3 Replies)
Discussion started by: rukasu
3 Replies

3. Shell Programming and Scripting

Need help! command working ok when executed in command line, but fails when run inside a script!

Hi everyone, when executing this command in unix: echo "WM7 Fatal Alerts:", $(cat query1.txt) > a.csvIt works fine, but running this command in a shell script gives an error saying that there's a syntax error. here is content of my script: tdbsrvr$ vi hc.sh "hc.sh" 22 lines, 509... (4 Replies)
Discussion started by: 4dirk1
4 Replies

4. Shell Programming and Scripting

System Command dies even when command gets executed successfully

Hi I have created a perl script & running it using Linux machine. I want my script to die when system command is unsuccessful but script is dying even when system command gets executed successfully. :wall: I am using the command below :- system($cmd) || die "FAILED $!"; print "Hello"; ... (2 Replies)
Discussion started by: Priyanka Gupta
2 Replies

5. AIX

How to find the log for executed command in IBM AIX?

In Unix If we executed any command where will generate the particluar log related to command in Unix. (4 Replies)
Discussion started by: victory
4 Replies

6. Shell Programming and Scripting

Need to echo command successful if command is executed successfully

Hello, I have written a command n shell script : srvctl relocate service -d t1 -s s1 -i i1 -t t1 -f If the above command executes successfully without error I need to echo "Service relocated successfully and If it errors out I need to trap the errors in a file and also need to make... (1 Reply)
Discussion started by: Vishal_dba
1 Replies

7. UNIX for Dummies Questions & Answers

Set Command to output a log of every command executed in the script

Hi Guys, I like to output every command executed in the script to a file. I have tried set -x which does the same. But it is not giving the logs of the child script which is being called from my script. Is there any parameters in the Set command or someother way where i can see the log... (2 Replies)
Discussion started by: mac4rfree
2 Replies

8. SuSE

Find command doesn't pipe the output as required.

Hi, I am using below code snippet to echo/display the files found (matching a pattern from searchstring.out file) and the corresponding owner. while read j do echo "Pattern to search is:- $j" find / -name "*$j*" |\ while read k do echo "File found is:- $k" owner=$(ls... (9 Replies)
Discussion started by: Vipin Batra
9 Replies

9. UNIX for Beginners Questions & Answers

Find Original user who executed the command

Hi Team, Please help me with the below question. SunOS 5.10 Shell: -bash I am trying to find the original user who executed a command on my development server. In my dev server users login using their personal id and sudo to a common id using 'sudo -u commonid -i'. Once logged in as... (6 Replies)
Discussion started by: sam99
6 Replies

10. UNIX for Beginners Questions & Answers

Find heartbeat ip address with cllsif command

hi~~ my Os is 6.1 i want to find heartbeat ip address from below result. i think, is it en7 onto both nodes? /usr/es/sbin/cluster/utilities/cllsif Adapter Type Network Net Type Attribute Node IP Address Hardware Address Interface Name Global Name ... (2 Replies)
Discussion started by: tomato00
2 Replies

LEARN ABOUT OPENSOLARIS

lastcomm

lastcomm(1)							   User Commands						       lastcomm(1)

NAME

       lastcomm - display the last commands executed, in reverse order

SYNOPSIS

       lastcomm [-f file] [-x] [command-name] ... [user-name] ...
	    [terminal-name] ...

DESCRIPTION

       The  lastcomm command gives information on previously executed commands. lastcomm with no arguments displays information about all the com-
       mands recorded during the current accounting file's lifetime. If called with arguments, lastcomm only displays accounting  entries  with  a
       matching  command-name, user-name, or terminal-name. If extended process accounting is active (see acctadm(1M)) and is recording the appro-
       priate data items, lastcomm attempts to take data from the current extended process accounting file.  If  standard  process  accounting	is
       active, lastcomm takes data from the current standard accounting file (see acct(2)).

       If  terminal-name is `- -', there was no controlling TTY for the process. The process was probably executed during boot time. If  terminal-
       name is `??', the controlling TTY could not be decoded into a printable name.

       For each process entry, lastcomm displays the following items of information:

	   o	  The command name under which the process was called.

	   o	  One or more flags indicating special information about the process. The flags have the following meanings:

		  F    The process performed a fork but not an exec.

		  S    The process ran as a set-user-id program.

	   o	  The name of the user who ran the process.

	   o	  The terminal which the user was logged in on at the time (if applicable).

	   o	  The amount of CPU time used by the process (in seconds).

	   o	  The date and time the process exited.

OPTIONS

       The following options are supported:

       -f file	  Uses file as the source of accounting data. file may be either an  extended  process	accounting  file  or  a  standard  process
		  accounting file.

       -x	  Uses	the  currently	active	extended process accounting file. If extended processing accounting is inactive, no output will be
		  produced.

EXAMPLES

       Example 1 Listing executions of named commands

       The command

	 example% lastcomm a.out root term/01

       produces a listing of all the executions of commands named a.out by user root while using the terminal term/01.

       Example 2 Listing all user commands

       The command

	 example% lastcomm root

       produces a listing of all the commands executed by user root.

FILES

       /var/adm/pacct	       standard accounting file

       /var/adm/exacct/proc    extended accounting file

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWesu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       last(1), acctadm(1M), acct(2), acct.h(3HEAD), sigvec(3UCB), core(4), attributes(5)

SunOS 5.11							    10 Jan 2000 						       lastcomm(1)
All times are GMT -4. The time now is 08:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy