Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Search query
Top Forums Shell Programming and Scripting Search query Post 302818851 by john_prince on Sunday 9th of June 2013 02:50:38 PM
Old 06-09-2013
Hi,

Let me explain again -

We're looking for users who are making more than 3 heavy searches, within the log it will appear as "SRCH=Q".

As listed below in the log, what we would like to do is whenever we find 'SRCH=Q' within the log, we will use the connection number( 13570) and trace it back to the BIND to find out who it is, and then update the user value with number of occurrence, if the occurrence is > 3, perform some action ( like add it to restricted group - we will user some internal command for adding to the group).

Note: Within the logs BIND user come before the SRCH=Q, hence we need to perform a reverse query to get the BIND user.

Code:
[04/Jun/2013:13:06:13 -0600] conn=13570 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:13:08:14 -0600] conn=13570 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q
[04/Jun/2013:13:09:15 -0600] conn=13571 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:13:10:17 -0600] conn=13571 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 
[04/Jun/2013:14:09:27 -0600] conn=13572 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:14:33:18 -0600] conn=13572 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q
[04/Jun/2013:15:09:22 -0600] conn=13573 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:15:13:31 -0600] conn=13573 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q

Hope this makes things clear.

Thanks, John
Last edited by john_prince; 06-09-2013 at 04:25 PM..
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

query on how to search for a line and read 4th word from that line

Assume I have a text file as below: me con pi ind ken pras ur me con rome ind kent pras urs pintu con mys ind pan pras ki con kit ind sys My requirement, I need to search for "con rome" and if exists, then print 4th word from rome, i.e in above example, since "con rome"... (4 Replies)
Discussion started by: jaggesh
4 Replies

2. UNIX for Dummies Questions & Answers

LDAP search query help

I would like to do an ldap search which looks for entries which do not actually have a certain attribute. Not that the attribute is Null, but where the attribute does not exist. Is this possible using ldapsearch? (3 Replies)
Discussion started by: dopple
3 Replies

3. Shell Programming and Scripting

Query Oracle tables and return values to shell script that calls the query

Hi, I have a requirement as below which needs to be done viz UNIX shell script (1) I have to connect to an Oracle database (2) Exexute "SELECT field_status from table 1" query on one of the tables. (3) Based on the result that I get from point (2), I have to update another table in the... (6 Replies)
Discussion started by: balaeswari
6 Replies

4. UNIX for Dummies Questions & Answers

Search Query

This issue has been causing me a headache all night.... I have a file, from a third party payment vendor, that contains an export of data including an order number (unique) and a payment value, amongst other data. I need to use the order numbers to integrate the database to check the order... (2 Replies)
Discussion started by: theref
2 Replies

5. Shell Programming and Scripting

Ldap search query

Hi All, I have a existing Ldap query which take a HOME as variable and gives the result where i grep for a particular line. ldapsearch -h server_domain_name -p 389 -D "uid=user,ou=appadm,o=ent" -w PaB -b "ou=roles,o=ent" "cidx=$HOME" | grep -w "ent: xyz" Now i have 330K Homes in a... (1 Reply)
Discussion started by: posner
1 Replies

6. Shell Programming and Scripting

Query the table and return values to shell script and search result values from another files.

Hi, I need a shell script, which would search the result values from another files. 1)execute " select column1 from table_name" query on the table. 2)Based on the result, need to be grep from .wft files. could please explain about this.Below is the way i am using. #!/bin/sh... (4 Replies)
Discussion started by: Rami Reddy
4 Replies

7. Shell Programming and Scripting

Complex string search query.

Hi, I wish to find the latest occurance of the below string in my log file. Once found, I need to search the below string after the above string and display this Request 331489 has passed or Request 331489 has failed I would like my query to be platform... (11 Replies)
Discussion started by: mohtashims
11 Replies

8. Programming

MYSQL query search between dates

Just a little help if possible I have a table with date data, I want to select dates that fall between today and 1 month ago, here's my query SELECT id, stdate, DATE_SUB(CURDATE(), INTERVAL 1 month) as monthago, CURDATE() as today FROM data_table where (stdate between 'today' and 'monthago')... (4 Replies)
Discussion started by: barrydocks
4 Replies

LEARN ABOUT ULTRIX

hesupd

hesupd(8)						      System Manager's Manual							 hesupd(8)

Name
       hesupd - Hesiod update daemon for modifying BIND/Hesiod passwords

Syntax
Description
       The  Hesiod  update  daemon,  is a server that handles password change requests from the command and is run only on the BIND/Hesiod primary
       server serving the password database.  The daemon changes the password entries on the BIND/Hesiod primary server.

       The primary server is identified by the host name alias, bindmaster, which must exist on the server's host entry  in  the  hosts  database.
       The bindsetup command adds the host name alias, bindmaster to the file if it does not already exist.

       This  daemon is not run by default, nor can it be started up from the daemon.  If you want to enable remote password updating for BIND/Hes-
       iod, put an entry for in the file of the host serving as the primary server for the BIND/Hesiod file.  You can add the startup lines for to
       by running the command.

       Hesiod keeps a log file, which records successful and unsuccessful password changes by uid.

Examples
       This following example shows lines you can add to in order to start the Hesiod update daemon at boot time.
	  [ -f /usr/etc/hesupd ] && {
	     /usr/etc/hesupd; echo -n ' hesupd' >/dev/console
	  }

Files
       Startup commands pertinent to a specific system

       Log of password changes

       Default BIND Files:

       BIND/Hesiod passwd file

       BIND hosts file

See Also
       bindsetup(8), passwd(1)
       Guide to the BIND/Hesiod Service

																	 hesupd(8)
All times are GMT -4. The time now is 04:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy