Thanks for the reply methyl, you've been very helpful so far. Regarding this comment:
Quote:
Originally Posted by methyl
I cannot comment properly on your circumvention because the bug depends on whether the computer identity is available or not. Therefore it may not be consistent in every record.
I'd be tempted to detect whether $12 contains an invalid day and move an "invalid" field to the end of the record (which would then conform to the "normal" layour of a fwtmp login/logout record where the client IP address or name is the last field and has variable length).
My reading of it is that if Solaris can't determine the ip address of the computer a user is logging in from, it doesn't include a hostname field in the login record at all, which in turn means that the login record's field numbers after the hostname are all decremented by one, which would cause my nawk command for login records to fail. Am I correct in my interpretation?
I did think I saw some inconsistent results in my output, which was one of the reasons why I started this thread in the first place. I'll have to review my results so far.
Edit: I was thinking that an easier way for me to detect log in lines that don't contain a hostname would be to simply count the number of space delimited fields nawk detects. Would that work?
Edit 2: After analysing output of various nawk commands on temp_ascii_login_file.txt I've determined that there are inconsistent formats for both Log Out and Log In lines. Please see the following:
I'll have to review some more and will post again.
---------- Post updated at 03:30 PM ---------- Previous update was at 11:14 AM ----------
Further update:
I've confirmed that both the Log In and Log Out records have the same format. The difference is that the most Log In lines contain the host field, but most Log Out lines omit it.
Examples:
Here they are nicely lined up:
For each pair of log in and log out records, the format does indeed appear to be the same.
I've found a way around the variable field length in my nawk command though. Regardless of the number of fields in each line, all of the date fields are at the end, so I can count the field numbers from the end backwards. This will give a consistent result for both record formats, and can also be used for both the login and logout records.
Last edited by confusedAdmin; 03-02-2012 at 10:22 AM..
Reason: Discovered inconsistentcies in both Log Out and Log In records.
This User Gave Thanks to confusedAdmin For This Post:
Hi -
Trying to understand a few things from an ifconfig -a output - can't seem to find info anywhere on the net.
Specifically - looking to understand the following:
Flags=8863
Smart
Running (is this the same as UP)
Simplex
inet6
supported media: autoselect - does that imply the... (1 Reply)
Hi,
I am having some problems understanding the info from the following output:
Disk /dev/sda: 17849 cylinders, 255 heads, 63 sectors/track
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0
Device Boot Start End #cyls #blocks Id System
/dev/sda1 *... (5 Replies)
Could you please explain me whats happening in the below code, appreciate your help, Thank you.
/product/apps/informatica/v7/pc/ExtProc/NewDAC/dacRecBuilder.sh
/product/apps/informatica/v7/pc/TgtFiles/NEW_DAC/DAC_Pos_TradeInv_Records.out ... (5 Replies)
Its very critical and 'm in need to schedule this on my crontab so that the output can be monitored by a tool
I have written the command below to redirect the error which has the output redirected to the file gincle_lol.log.
Code:
echo "---" >>/gingle/gincle_lol.log
date... (0 Replies)
Its very critical and 'm in need to schedule this on my crontab so that the output can be monitored by a tool
I have written the command below to redirect the error which has the output redirected to the file gincle_lol.log.
echo "---" >>/gingle/gincle_lol.log
date... (1 Reply)
ok, so I have a script im running on a linux box that uses "egrep" a lot. now, when i run this script, i check the TOP to see how much system resource it is using.
the "top" command gives the following output:
last pid: 25384; load avg: 1.06, 1.04, 0.76; up 351+06:30:24 ... (0 Replies)
After running nm command on any object file from out put can we get to know that wheather a symbol is a call to a function or definition of function ?
I am searching a class and function definitions inside many .so files.
I have 3 files which contain the symbol but I don't know wheather they... (2 Replies)
I ran the following command.
cat abc.c > abc.c
I got message the following message from command cat:
cat: abc.c : input file is same as the output file
How the command came to know of the destination file name as the command is sending output to standard file. (3 Replies)
Hi,
I found this in a script and I would like to know how this works
Code is here:
# var1=PART1_PART2
# var2=${var1##*_}
# echo $var2
PART2
I'm wondering how ##* makes the Shell to understand to pick up the last value from the given. (2 Replies)
Hello,
Been looking through Google, and I don't see a direct answer to this:
# last
...
abcd pts/1 srever02 Mon Feb 23 07:56 - 07:56 (00:00)
abcd sshd server02 Mon Feb 23 07:56 - 07:56 (00:00)
klmn sshd ... (2 Replies)