Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: User auditing from AIX server
Operating Systems AIX User auditing from AIX server Post 302908073 by bakunin on Thursday 3rd of July 2014 10:25:34 AM
Old 07-03-2014
Quote:
Originally Posted by Nagesh_1985
Thanks...1 final question.
Does the 'last' command work for RHEL, HP-UX and Solaris servers ?
The "last" command records the log-on- and log-off-times of any connection to the AIX-server, regardless of the OS this has originated from. You will see IP-addresses (or their DNS-equivalents) and other information pertaining to the connection, but no direct information about the client the connection has been made from.

Regardless of where you come from, all the clients you mentioned use the same mechanism: they start a SSH-client (in Linux derivates this is the command line utility "ssh", in Windows this would be "putty" or maybe some other tool with the same functionality) and connect to the SSH-server(-process) on the AIX-system. This in turn will validate (like asking for passwords, ...) and finally establish the session - which will be logged in a file "/var/adm/wtmp", which "last" reads.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. AIX

User Auditing

i want to audit user commands .. keep track of what commands each user has been giving .. can this be done by writing a script in engraving it in .profile of the user. or is there any other way of doing this ... rgds raj (2 Replies)
Discussion started by: rajesh_149
2 Replies

2. AIX

turning auditing on AIX 4.3

Hi, What's the best way to turn on the auditing in AIX 4.3? I'm in an environment where root password are shared with many users. Can sudoers member be audited properly? Thanks (1 Reply)
Discussion started by: itik
1 Replies

3. AIX

user cannot login into AIX-6.1 server

Dear Friends , I got a problem In our AIX 6.1 server . When I start or restart the machine I cannot Login the server . It shows a dialog box and shows some comments , those are : >> The DT messaging system could not be started . To correct the problem : 1. Choose to return the login... (1 Reply)
Discussion started by: shipon_97
1 Replies

4. Shell Programming and Scripting

user auditing

Hello, is there some way to track what shell commands some user is executing ? Something like to have some log file where i could see what commands some user used, e.g. rm -r dirname , ls -l .... and so on ... I have 2.6.13-1.1526_FC4smp (9 Replies)
Discussion started by: tonijel
9 Replies

5. AIX

AIX auditing

I have a question relating with AIX auditing Question is can we set Auditing on a particular file in AIX for a particular application only? Let say I have a file name "info.jar" and I have three application named APP1, APP2 & APP3 which are accessing that file so I want to know that which... (0 Replies)
Discussion started by: m_raheelahmed
0 Replies

6. AIX

AIX Auditing problam

i have sucessfully enable the auditing on AIX with adding som onjects. but when i go for auditpr -v < /audit/trail vlets say i reset audit at last dat 5 pm auditpr -v < /audit/trail will show up to last day 5 pm. i have to reset audit every time to check latest logs. please... (3 Replies)
Discussion started by: prashantjain07
3 Replies

7. AIX

Help me! AUDITING AIX

Hi All, i've a problem on a AIX server with audit config... when i start the audit i receive this error: root@****:/etc/security/audit > /usr/sbin/audit start Audit start cleanup: The system call does not exist on this system. ** failed setting kernel audit objects I don't understand... (0 Replies)
Discussion started by: Zio Bill
0 Replies

8. AIX

AIX auditing

can some give some tips, most common security issues or and kind of advice about auditing aix system? regards (2 Replies)
Discussion started by: bongo
2 Replies

9. AIX

AIX auditing

In our customer place somebody removed and PV from the server. I want the information like which user removed this PV. Is there any way to get PV removal information. When did the PV removed from the server ? Whether AIX auding will help ? Where i can get these information ? Thank... (2 Replies)
Discussion started by: sunnybee
2 Replies

10. AIX

Configure AIX server to send logs and auditing to Qradar

Hi All I need your help to configure Aix to send logs to Qradar, I did all the methods that mentioned in IBM website and no use, Plz Help,, The Logs should I receive from Aix and display in Qradar is (create user delete user changing in privileges....etc ) my skype account khaled_ly84 ... (4 Replies)
Discussion started by: khaled_ly84
4 Replies

LEARN ABOUT DEBIAN

plink

plink(1)							 PuTTY tool suite							  plink(1)

NAME

       plink - PuTTY link, command line network connection tool

SYNOPSIS

       plink [options] [user@]host [command]

DESCRIPTION

       plink is a network connection tool supporting several protocols.

OPTIONS

       The command-line options supported by plink are:

       -V     Show version information and exit.

       -pgpfp Display the fingerprints of the PuTTY PGP Master Keys and exit, to aid in verifying new files released by the PuTTY team.

       -v     Show verbose messages.

       -load session
	      Load settings from saved session.

       -ssh   Force use of SSH protocol (default).

       -telnet
	      Force use of Telnet protocol.

       -rlogin
	      Force use of rlogin protocol.

       -raw   Force raw mode.

       -serial
	      Force serial mode.

       -P port
	      Connect to port port.

       -l user
	      Set remote username to user.

       -m path
	      Read remote command(s) from local file path.

       -batch Disable interactive prompts.

       -pw password
	      Set  remote  password to password. CAUTION: this will likely make the password visible to other users of the local machine (via com-
	      mands such as `w').

       -L [srcaddr:]srcport:desthost:destport
	      Set up a local port forwarding: listen on srcport (or srcaddr:srcport if specified), and forward any connections over the  SSH  con-
	      nection to the destination address desthost:destport. Only works in SSH.

       -R [srcaddr:]srcport:desthost:destport
	      Set  up a remote port forwarding: ask the SSH server to listen on srcport (or srcaddr:srcport if specified), and to forward any con-
	      nections back over the SSH connection where the client will pass them on to the destination address desthost:destport. Only works in
	      SSH.

       -D [srcaddr:]srcport
	      Set  up  dynamic port forwarding. The client listens on srcport (or srcaddr:srcport if specified), and implements a SOCKS server. So
	      you can point SOCKS-aware applications at this port and they will automatically use the SSH connection to tunnel all  their  connec-
	      tions. Only works in SSH.

       -X     Enable X11 forwarding.

       -x     Disable X11 forwarding (default).

       -A     Enable agent forwarding.

       -a     Disable agent forwarding (default).

       -t     Enable pty allocation (default if a command is NOT specified).

       -T     Disable pty allocation (default if a command is specified).

       -1     Force use of SSH protocol version 1.

       -2     Force use of SSH protocol version 2.

       -C     Enable SSH compression.

       -i path
	      Private key file for authentication.

       -s     Remote command is SSH subsystem (SSH-2 only).

       -N     Don't start a remote command or shell at all (SSH-2 only).

       -sercfg configuration-string
	      Specify  the configuration parameters for the serial port, in -serial mode. configuration-string should be a comma-separated list of
	      configuration parameters as follows:

	      o      Any single digit from 5 to 9 sets the number of data bits.

	      o      `1', `1.5' or `2' sets the number of stop bits.

	      o      Any other numeric string is interpreted as a baud rate.

	      o      A single lower-case letter specifies the parity: `n' for none, `o' for odd, `e' for even, `m' for mark and `s' for space.

	      o      A single upper-case letter specifies the flow control: `N' for none, `X' for XON/XOFF, `R' for RTS/CTS and `D' for DSR/DTR.

MORE INFORMATION

       For more information on plink, it's probably best to go and look at the manual on the PuTTY web page:

       http://www.chiark.greenend.org.uk/~sgtatham/putty/

BUGS

       This man page isn't terribly complete. See the above web link for better documentation.

PuTTY tool suite						    2004-03-24								  plink(1)
All times are GMT -4. The time now is 01:14 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy