05-23-2009
Impacts of emptying /var/adm/wtmp file ?
In our operating procedures, if a workstation has a space problem in the /var filesystem, one of the most frequent case we were told is the size of the /var/adm/wtmp file.
Someone once told me it is dangerous to do this. Is it ?
I cannot say for certain that whomever wrote that procedure is a qualified sys admin.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi, guys, I have a big problem.
I've got a sun solaris 4.1.4 workstation, and the /var/adm/message file will add one row every few seconds. It becomes a large file in a short time.
I wander if there are some mistakes configuring the workstation.
the /var/adm/message is as follow:
... (3 Replies)
Discussion started by: cloudsmell
3 Replies
2. Solaris
hi sirs
can u tell the difference between /var/log/syslogs and /var/adm/messages
in my working place i am having two servers.
in one servers messages file is empty and syslog file is going on increasing..
and in another servers message file is going on increasing but syslog file is... (2 Replies)
Discussion started by: tv.praveenkumar
2 Replies
3. Solaris
I have a solaris 10 machine, lately I had a drive error issue so the dmesg command would show a screen full, now that the drive issue is resolved I want to have a fresh start for my #dmesg command output.
The root cron looks like this
The /etc/logadm.conf file has this entry
If I manually... (2 Replies)
Discussion started by: Tirmazi
2 Replies
4. Solaris
Do not know the reason y messages file is empty already restarted the syslog daemon but still its showing empty .
xxxxxxx# more /var/adm/messages
xxxxxx#
# ps -efo zone,pid,ppid,time,comm | grep syslog | grep global
global 11861 1 00:10 /usr/sbin/syslogd
svcs... (2 Replies)
Discussion started by: fugitive
2 Replies
5. AIX
Hi, The server is p570 with AIX@5300-10...
The messages file is missing...how do I get it back and start logging the messages??
Can I just create the file again? (2 Replies)
Discussion started by: gkr747
2 Replies
6. Solaris
what is the difference between tha /var/adm and /var/sadm files in solaris 10 Os
please can any one respond quickly
thanking you (2 Replies)
Discussion started by: wkbn86
2 Replies
7. AIX
Hi all.
I have a strange case on one of my AIX boxes. /var/adm/wtmp on server01 is ~ 400MB large but it only has ~1200 lines. For example on server02 there are ~85000 lines and the file is ~158MB large. I check lines through 'last | wc -l'. But when I check line directly with 'wc -l... (2 Replies)
Discussion started by: robroy
2 Replies
8. Solaris
Hi,
Is the contents in /var/log/syslog and /var/adm/messages are same??
Regards (3 Replies)
Discussion started by: vks47
3 Replies
9. AIX
dear all
this attached photo is send to me from Arcsight admin can you please advice
ftpd failed to write /var/adm/wtmp not owner
ftpd failed to write /var/adm/wtmp error 0 (1 Reply)
Discussion started by: thecobra151
1 Replies
10. UNIX for Advanced & Expert Users
Hi all,
I have F5 load balancer on my system and checking service status by opening an ftp session in every 30 seconds. These ftp sessions are being logged in /var/adm/wtmpx and filling up the file. when i run the last command most of the output is this ftp session. I was wondering if there is a... (1 Reply)
Discussion started by: cepxat
1 Replies
ac(8) System Manager's Manual ac(8)
NAME
ac - Outputs connect-session records
SYNOPSIS
ac [-dp] [-w filename] [user(s) ...]
FLAGS
Outputs the total connect time for each midnight-to-midnight period for which a wtmp file exists. When user(s) is specified, this flag lim-
its the output to the login names specified by any user(s) parameter(s). Outputs the connect time total by individual login name of the
user specified with the -p flag and the user(s) parameter. Omission of this flag permits a total only for the midnight-to-midnight time
period for all logged in users to be produced. Specifies a wtmp file other than the /var/adm/wtmp file. The wtmp file you access for data
may have been created automatically by some shell script administration command (for example, runacct) or manually by the system adminis-
trator when the original /var/adm/wtmp file becomes too large.
DESCRIPTION
The ac command prints to the default output device the total connect time in hours to the nearest hundredth for all users, or the connect
time for any user(s) specified with the -p flag. It also prints the names of users specified by the user(s) parameter who have logged in
during the life of the current /var/adm/wtmp file.
Connect-time records are written by the init and the login programs and are collected in the /var/adm/wtmp file, when such a file exists.
When a /var/adm/wtmp file does not exist, no connect-time accounting records are written; consequently, when connect-time records are
wanted, the system administrator should create a /var/adm/wtmp file that has an initial record length of 0 (zero). Records in wtmp files
(there may be more than one such file) should be processed periodically to keep the files from becoming too large.
When you use the runacct command in a shell script, additional wtmp files can be automatically created whenever the current wtmp file
becomes too large. You can output the contents of any of these other files when you specify the -w flag and the desired wtmp filename.
The ac command is run independently with respect to any accounting shell procedure created or run by any of the acct/* shell procedures or
runacct commands.
EXAMPLES
To obtain an output of the total connect time for all users who have logged in during the life of the current wtmp data file, enter:
/usr/sbin/ac To obtain an output of the total connect time for grossman and mcwhinney as recorded in the default wtmp data file,
enter:
/usr/sbin/ac grossman mcwhinney To obtain an output of the connect time subtotals for grossman and mcwhinney as recorded in the
default wtmp data file, enter:
/usr/sbin/ac -p grossman mcwhinney
FILES
Specifies the command path. Is the active data file for the collection of connect-time records.
RELATED INFORMATION
Commands: login(1), init(8) delim off
ac(8)