Understanding the output of fwtmp Post: 302603549

Sponsored Content

Top Forums Shell Programming and Scripting Understanding the output of fwtmp Post 302603549 by confusedAdmin on Thursday 1st of March 2012 09:43:45 AM

03-01-2012

Registered User

Hi methyl.

Thanks for the response. Here are a couple of lines from the file. These are unedited, aside from me replacing the actual log in name they contain:

Code:

username                         s/10 pts/10                               23848  7 0000 0000 1203424585 4953 0 11 10.13.57.20 Tue Feb 19 12:36:25 2008
username                         s/10 pts/10                               23848  8 0000 0000 1203425529 334490 0 0  Tue Feb 19 12:52:09 2008

I've also spaced them out a bit, numbered the fields and labeled what I think the fields mean here:

Code:

Log in line:
$1        $2    $3      $4     $5      $6    $7    $8          $9      $10  $11  $12          $13    $14    $15       $16       $17
Username  ?     Term    Pid    Action  ?     ?     ?           ?       ?    ?    N/w host     Day    Month  Date      Time      Year
username  s/10  pts/10  23848  7       0000  0000  1203424585  4953    0    11   10.13.57.20  Tue    Feb    19        12:36:25  2008
 
Log out line:                                                                                                                
$1        $2    $3      $4     $5      $6    $7    $8          $9      $10  $11  $12          $13    $14    $15       $16
Username  ?     Term    Pid    Action  ?     ?     ?           ?       ?    ?    Day          Month  Date   Time      Year
username  s/10  pts/10  23848  8       0000  0000  1203425529  334490  0    0    Tue          Feb    19     12:52:09  2008

Space delimited field $5 in both lines identifies what I think is the action recorded by the line. I think '7' corresponds to a log in, and '8' corresponds to a log out.

$12 in the log in line contains what seems to be the ip address of the computer used to log in to Solaris from. This field is missing on the log out line, so it pushes out the rest of the fields - field $13 in the log in line corresponds to field $12 in the log out line, and so on for the remainder of the fields. This is why I need separate nawk commands for the two types of records.

Am I correct in what I've stated above? Also can you advise me what the fields I've labeled as '?' refer to?

Thanks,
cA.

confusedAdmin

View Public Profile for confusedAdmin

Find all posts by confusedAdmin

10 More Discussions You Might Find Interesting

1. OS X (Apple)

Ifconfig output - help understanding flags 'Smart, Simplex', etc

Hi - Trying to understand a few things from an ifconfig -a output - can't seem to find info anywhere on the net. Specifically - looking to understand the following: Flags=8863 Smart Running (is this the same as UP) Simplex inet6 supported media: autoselect - does that imply the...

2. UNIX for Dummies Questions & Answers

Help Understanding Output and question about /dev/

Hi, I am having some problems understanding the info from the following output: Disk /dev/sda: 17849 cylinders, 255 heads, 63 sectors/track Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0 Device Boot Start End #cyls #blocks Id System /dev/sda1 *...

3. UNIX for Dummies Questions & Answers

Understanding the output command

Could you please explain me whats happening in the below code, appreciate your help, Thank you. /product/apps/informatica/v7/pc/ExtProc/NewDAC/dacRecBuilder.sh /product/apps/informatica/v7/pc/TgtFiles/NEW_DAC/DAC_Pos_TradeInv_Records.out ...

4. AIX

Problem in understanding the output of errpt -d H -T PERM -s `date +"%m%d%H00%y"`

Its very critical and 'm in need to schedule this on my crontab so that the output can be monitored by a tool I have written the command below to redirect the error which has the output redirected to the file gincle_lol.log. Code: echo "---" >>/gingle/gincle_lol.log date...

5. Shell Programming and Scripting

problem in understanding the output of errpt -d H -T PERM -s `date +"%m%d%H00%y"`

6. Shell Programming and Scripting

Understanding the output of TOP

ok, so I have a script im running on a linux box that uses "egrep" a lot. now, when i run this script, i check the TOP to see how much system resource it is using. the "top" command gives the following output: last pid: 25384; load avg: 1.06, 1.04, 0.76; up 351+06:30:24 ...

7. UNIX for Dummies Questions & Answers

Understanding nm command output

After running nm command on any object file from out put can we get to know that wheather a symbol is a call to a function or definition of function ? I am searching a class and function definitions inside many .so files. I have 3 files which contain the symbol but I don't know wheather they...

8. Red Hat

Command understanding the output file destination in case of standard output!!!!!

I ran the following command. cat abc.c > abc.c I got message the following message from command cat: cat: abc.c : input file is same as the output file How the command came to know of the destination file name as the command is sending output to standard file.

9. Shell Programming and Scripting

Need your help in understanding this

Hi, I found this in a script and I would like to know how this works Code is here: # var1=PART1_PART2 # var2=${var1##*_} # echo $var2 PART2 I'm wondering how ##* makes the Shell to understand to pick up the last value from the given.

10. UNIX for Advanced & Expert Users

Understanding output of "last" command

Hello, Been looking through Google, and I don't see a direct answer to this: # last ... abcd pts/1 srever02 Mon Feb 23 07:56 - 07:56 (00:00) abcd sshd server02 Mon Feb 23 07:56 - 07:56 (00:00) klmn sshd ...

LEARN ABOUT DEBIAN

algorithm::checkdigits::m97_002

CheckDigits::M97_002(3pm)				User Contributed Perl Documentation				 CheckDigits::M97_002(3pm)

NAME

       CheckDigits::M97_002 - compute check digits for International Bank Account Number (IBAN)

SYNOPSIS

	 use Algorithm::CheckDigits;

	 $iban = CheckDigits('iban');

	 if ($iban->is_valid('DE88 2008 0000 09703 7570 0')) {
	       # do something
	 }

	 $cn = $iban->complete('DE00 2008 0000 09703 7570 0');
	 # $cn = 'DE88 2008 0000 09703 7570 0'

	 $cd = $iban->checkdigit('DE88 2008 0000 09703 7570 0');
	 # $cd = '88'

	 $bn = $iban->basenumber('DE88 2008 0000 09703 7570 0');
	 # $bn = 'DE00 2008 0000 09703 7570 0'

DESCRIPTION

   ALGORITHM
       0   The IBAN number must be prepared. The first two letters and the checksum will be moved to the right end. The letters are substituted
	   according to the substitute table and the checksum is set to '00'.

       1   The whole number is taken modulo 97.

       2   The checksum is difference between 98 and the sum of step 2.

       3   If the checksum is smaller then 10, a leading zero will be prepended.

   METHODS
       is_valid($number)
	   Returns true only if $number consists solely of numbers and the last digit is a valid check digit according to the algorithm given
	   above.

	   Returns false otherwise,

       complete($number)
	   The check digit for $number is computed and concatenated to the end of $number.

	   Returns the complete number with check digit or '' if $number does not consist solely of digits and spaces.

       basenumber($number)
	   Returns the basenumber of $number if $number has a valid check digit.

	   Return '' otherwise.

       checkdigit($number)
	   Returns the checkdigits of $number if $number has a valid check digit.

	   Return '' otherwise.

   EXPORT
       None by default.

AUTHOR

       Mathias Weidner, <mathias@weidner.in-bad-schmiedeberg.de>

THANKS

       Detlef Pilzecker pointed out to me that there may be more letters as the first two in an IBAN number. He also made me aware of a faster
       method to compute the check number than using Math::BigInt.

SEE ALSO

       perl, CheckDigits, www.pruefziffernberechnung.de, www.sic.ch/en/tkicch_home/tkicch_standardization/
       tkicch_financialinstitutions_ibanipi.htm.

perl v5.10.0							    2008-11-30						 CheckDigits::M97_002(3pm)