HP-UX real time audit log writing Post: 302704293

Sponsored Content

Operating Systems HP-UX HP-UX real time audit log writing Post 302704293 by CleverRiver6 on Friday 21st of September 2012 10:37:02 AM

09-21-2012

Registered User

it may have been part of me trying to clean it up that cut off some of the parts. Here is the original post that I pulled that code from that I tried to clean up. I went ahead and put code tags around the section of code. I am starting to understand it a little logically, but most my experience comes from java/rhel background so it being all together throws me off.

--orginal post--

"I had problems with HP-UX connectors not retrieving online logs. we came up with this script to be able to retrieve online logs, there are 2 files switching over file1 and file2 and the directory /.secure/etc/files2 is where audisp command output is written "

Code:

CURRENT=$(/usr/bin/audsys | grep "current file" | head -n 1 | cut -c 15-) NUM=$(print $CURRENT | cut -c 24) if [ $NUM = 1 ] then NEXTFILE=$(print $CURRENT | cut -c -23)"2" /usr/bin/audsys -c $NEXTFILE -s 100000 rm /.secure/etc/files2/*.processed /usr/bin/audisp /.secure/etc/files/file1 > /.secure/etc/files2/audit_out ; rm $CURRENT else NEXTFILE=$(print $CURRENT | cut -c -23)"1" /usr/bin/audsys -c $NEXTFILE -s 100000 rm /.secure/etc/files2/*.processed /usr/bin/audisp /.secure/etc/files/file2 > /.secure/etc/files2/audit_out ; rm $CURRENT fi

again thank you for any help that you might have!

CleverRiver6

View Public Profile for CleverRiver6

Find all posts by CleverRiver6

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

log users real time

hi.... how i can configurator a log file on real time....on unix solaris.... thanks a lot.... Best Regards...

2. Shell Programming and Scripting

Real time log file redirect

Hi all, i would like to write the shell script program, it can monitor the access_log "real time" when the access_log writing the line contain "abcdef" the program will be "COPY" this line into a file named "abcdef.txt", do the same thing if the contain "123456" "COPY" it into a file named...

3. Shell Programming and Scripting

Perl or Shell script to read a transaction log in real time

Hello, I have a Apache webserver running on RedHat. Its primary function is a proxy server for users accessing the internet. I have a transaction log that logs every transactions of every users. For users trying to access certain sites/content the transactions goes into a 302 redirect loop and...

4. Shell Programming and Scripting

shell script to replicate the log files from one location to another in real time

Hi, On the server, we have app log files in this location /app/logs/error.log On the same server, in a real time, we would like to replicate that into /var/ directory. if someone has already done this, please share the script. Thanks in advance.

5. Shell Programming and Scripting

[solved] How to see log in real time?

Hi people I have a bash script with a line like this: python example.py >> log & But i can't see anything in the log file while python program is running only if the program ends seems to write the log file. "$ cat log" for example don't show anything until the program ends. Is there...

6. Shell Programming and Scripting

Archiving or removing few data from log file in real time

Hi, I have a log file that gets updated every second. Currently the size has grown to 20+ GB. I need to have a command/script, that will try to get the actual size of the file and will remove 50% of the data that are in the log file. I don't mind removing the data as the size has grown to huge...

7. UNIX for Advanced & Expert Users

How to read a fast written log file at Real time speed?

Hello All, I am building a real time parser for a log file in my application. The log file is continuously written at a very fast pace and gets rolled over every 10 minutes. I have measured the speed and observed that around 1000 lines are written to it every second, each line about 30-40...

8. Shell Programming and Scripting

Log all the commands input by user at real time in /var/log/messages

Below is my script to log all the command input by any user to /var/log/messages. But I cant achieve the desired output that i want. PLease see below. function log2syslog { declare COMMAND COMMAND=$(fc -ln -0) logger -p local1.notice -t bash -i -- "$USER:$COMMAND" } trap...

LEARN ABOUT OPENSOLARIS

endusershell

getusershell(3C)					   Standard C Library Functions 					  getusershell(3C)

NAME

       getusershell, setusershell, endusershell - get legal user shells

SYNOPSIS

       #include <unistd.h>

       char *getusershell(void);

       void setusershell(void);

       void endusershell(void);

DESCRIPTION

       The  getusershell()  function  returns  a  pointer  to  a  legal  user  shell  as defined by the system manager in the file /etc/shells. If
       /etc/shells does not exist, the following locations of the standard system shells are used in its place:

	 /bin/bash		    /bin/csh
	 /bin/jsh		    /bin/ksh
	 /bin/ksh93		    /bin/pfcsh
	 /bin/pfksh		    /bin/pfsh
	 /bin/sh		    /bin/tcsh
	 /bin/zsh		    /sbin/jsh
	 /sbin/pfsh		    /sbin/sh
	 /usr/bin/bash		    /usr/bin/csh
	 /usr/bin/jsh		    /usr/bin/ksh
	 /usr/bin/ksh93 	    /usr/bin/pfcsh
	 /usr/bin/pfksh 	    /usr/bin/pfsh
	 /usr/bin/sh		    /usr/bin/tcsh
	 /usr/bin/zsh		    /usr/sfw/bin/zsh
	 /usr/xpg4/bin/sh

       The getusershell() function opens the file /etc/shells, if it exists, and returns the next entry in the list of shells.

       The setusershell() function rewinds the file or the list.

       The endusershell() function closes the file, frees any memory used by getusershell() and setusershell(), and rewinds the file /etc/shells.

RETURN VALUES

       The getusershell() function returns a null pointer on EOF.

BUGS

       All information is contained in memory that may be freed with a call to endusershell(), so it must be copied if it is to be saved.

NOTES

       Restricted shells should not be listed in /etc/shells.

SunOS 5.11							    1 Nov 2007							  getusershell(3C)