Search query (Shell Programming and Scripting): Post 302818851 by john_prince on Sunday 9th of June 2013 02:50:38 PM
Hi,

Let me explain again -

We're looking for users who are making more than 3 heavy searches, within the log it will appear as "SRCH=Q".

As listed below in the log, what we would like to do is, whenever we find 'SRCH=Q' within the log, use the connection number (13570) and trace it back to the BIND to find out who it is, and then update the user's value with the number of occurrences; if the number of occurrences is > 3, perform some action (like adding the user to a restricted group; we will use some internal command for adding to the group).

Note: Within the logs, the BIND user comes before the SRCH=Q, hence we need to perform a reverse query to get the BIND user.

Code:
[04/Jun/2013:13:06:13 -0600] conn=13570 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:13:08:14 -0600] conn=13570 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q
[04/Jun/2013:13:09:15 -0600] conn=13571 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:13:10:17 -0600] conn=13571 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 
[04/Jun/2013:14:09:27 -0600] conn=13572 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:14:33:18 -0600] conn=13572 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q
[04/Jun/2013:15:09:22 -0600] conn=13573 op=14 msgId=13 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:15:13:31 -0600] conn=13573 op=14 msgId=15 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q

Hope this makes things clear.

Thanks, John

Last edited by john_prince; 06-09-2013 at 04:25 PM..
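
One way to do the correlation described in the post above, as an added example that is not part of the original thread: because the BIND line precedes the SRCH=Q result on the same connection, a single forward pass that remembers the latest BIND DN per `conn=` number gives the same answer as tracing backwards. The function names `heavy_searchers` and `sample_log` and the log lines embedded here are constructed for illustration, following the format shown in the post.

```shell
#!/bin/sh
# Added example. Reads the access log on stdin and prints "count<TAB>bind-dn"
# for every user whose SRCH=Q total exceeds the threshold (default 3).
heavy_searchers() {
    awk -v limit="${1:-3}" '
        # Return the connection number on this line, or "" if there is none.
        function conn_of(line) {
            return match(line, /conn=[0-9]+/) ? substr(line, RSTART + 5, RLENGTH - 5) : ""
        }
        # BIND line: remember which DN owns this connection. A later BIND on
        # the same conn (rebind, or a reused conn number) replaces the old DN.
        / BIND dn="/ {
            c = conn_of($0)
            if (c != "" && match($0, /dn="[^"]*"/))
                owner[c] = substr($0, RSTART + 4, RLENGTH - 5)
            next
        }
        # Heavy search: charge it to the DN bound on that connection.
        /SRCH=Q/ {
            c = conn_of($0)
            if (c == "") next
            who = (c in owner) ? owner[c] : "(no BIND seen, conn=" c ")"
            hits[who]++
        }
        END {
            for (dn in hits)
                if (hits[dn] > limit) printf "%d\t%s\n", hits[dn], dn
        }
    ' | sort -t "$(printf '\t')" -k1,1nr -k2
}

# Constructed sample in the format shown in the post (not real log data).
sample_log() {
    cat <<'EOF'
[04/Jun/2013:13:06:13 -0600] conn=13570 op=0 msgId=1 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:13:08:14 -0600] conn=13570 op=1 msgId=2 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q
[04/Jun/2013:13:09:02 -0600] conn=13570 op=2 msgId=3 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q
[04/Jun/2013:13:10:00 -0600] conn=20001 op=0 msgId=1 - BIND dn="uid=abc456,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:13:11:00 -0600] conn=20001 op=1 msgId=2 - RESULT err=0 tag=101 nentries=51000 etime=150 SRCH=Q
[04/Jun/2013:13:12:00 -0600] conn=20001 op=2 msgId=3 - RESULT err=0 tag=101 nentries=51000 etime=150 SRCH=Q
[04/Jun/2013:13:13:00 -0600] conn=20001 op=3 msgId=4 - RESULT err=0 tag=101 nentries=51000 etime=150 SRCH=Q
[04/Jun/2013:13:14:00 -0600] conn=20001 op=4 msgId=5 - RESULT err=0 tag=101 nentries=51000 etime=150 SRCH=Q
[04/Jun/2013:14:09:27 -0600] conn=13572 op=0 msgId=1 - BIND dn="uid=xyz123,ou=People,o=xyz.com" method=128 version=3
[04/Jun/2013:14:20:00 -0600] conn=13572 op=1 msgId=2 - RESULT err=0 tag=101 nentries=12 etime=0
[04/Jun/2013:14:33:18 -0600] conn=13572 op=2 msgId=3 - RESULT err=0 tag=101 nentries=48030 etime=139 SRCH=Q
EOF
}

sample_log | heavy_searchers 3
```

If the log has been rotated, the BIND for a long-lived connection may sit in an earlier file, so feed the rotated files in chronological order (for example with `cat`) before the current one; connections with no BIND in the input are reported separately rather than dropped.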
 
