Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: AIX: How to find down who enter a command?
Operating Systems AIX AIX: How to find down who enter a command? Post 302908788 by bobochacha29 on Thursday 10th of July 2014 11:05:03 AM
Old 07-10-2014
Quote:
Originally Posted by bakunin
With the PPID and the PID you can reconstruct "trees" of processes. Here is an example: a user types "ls" on the commandline. The following has happened:

The "login"-process has started a login-shell for that user. Because this shell is attached to a (maybe virtual) terminal you can distinguish separate sessions of the same user. They will differ in the terminal they use. This shell now starts another process, "ls".

Searching the process list for the user will give you some entries including the "ls" process. Read the PPID field and search the list again for a process having this process number in the PID field. This is the process which has started the "ls"-process - the shell it was started from. With the process information from this shell you find out which session of the user originated the process.

I hope this helps.

bakunin

Quote:
Originally Posted by MadeInGermany
Code:
term=`ps -fp 1000000 | awk '{t=$6} END {print t}'`
who -u | grep -w $term


Done SmilieSmilieSmilie
Thanks a lot SmilieSmilieSmilie
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Use -prune with find command on AIX

I am trying to get a list of top level directories below the search path but I don't want to descend subdirectories. The find command listed below returns me the list I want but it also returns subdirectories. I can't seem to get the -prune option to work the way I want. How would I modify the... (5 Replies)
Discussion started by: FuzzySlippers
5 Replies

2. Shell Programming and Scripting

How to find entering ENTER key?.

Hello All, i have a script to get input from the user like bellow, read -p "Do you want to continue (y/n) : " status i want to identify the pressing of Enter Key with out giving any value for the above statement and i want get the status if we press Enter key during run time. How to... (0 Replies)
Discussion started by: tsaravanan
0 Replies

3. UNIX for Dummies Questions & Answers

find command AIX

Hi all , could anyone please help with find command in AIX. I am trying to find files but there are more than 30thousand files in there.I realise I need to use xargs somehow but dunno the correct way to pull this. find /log_directory/* -prune -xdev -type f -mtime +20 | xargs ls -l the... (2 Replies)
Discussion started by: erinlomo
2 Replies

4. UNIX for Dummies Questions & Answers

AIX find command using prune option

Hi, I am trying to find some files in a directory and then remove/list them if they are 30 days old. I also have 2 directories in that directory which I need to skip. Can someone please tell me what is the correct syntax? find /developer/. -name "lost+found" "projects" -prune -o -type f... (2 Replies)
Discussion started by: tkhan9
2 Replies

5. AIX

How to find the log for executed command in IBM AIX?

In Unix If we executed any command where will generate the particluar log related to command in Unix. (4 Replies)
Discussion started by: victory
4 Replies

6. AIX

Command to find file system details on AIX

Hi , Could you please tell me how to find the following on AIX? 1.Command to find file system details? 2.What are all the files exist under a specific directory along with their sizes? In general we use, du -sh * | grep M under a directory which returns files having size of MB,... (18 Replies)
Discussion started by: Maddy123
18 Replies

7. Shell Programming and Scripting

Find command not working on AIX

Hello, I am running find command in an AIX Server to find last 7 days modified directories/files. >cd /usr/openv/netbackup/db/class >ls -l total 0 drwxr-xr-x 3 root system 256 May 28 2014 Catalog-Backup drwxr-xr-x 3 root system 256 Sep 18 2012 ... (4 Replies)
Discussion started by: rahul2662
4 Replies

8. AIX

AIX - find command with mtime

Hello experts, I would get from a list of files, which are more ancient than 1 hour. Examples: Current date: Wed Oct 28 16:10:02 SAT 2015 using: find path -name 'file_name. *' -mtime +0 I see files with less at 00:00:00 date of the current day. /path/file_name.20151027170725... (7 Replies)
Discussion started by: carlino70
7 Replies

9. UNIX for Beginners Questions & Answers

Prune Option for Find Command on AIX

I need to delete all files from the working directory and its sub directories using the find command, for that I am using -prune option but some how I am having a syntax issue. I have tried the below, please help me correct the syntax find . -name \* -type f -exec rm -f {} \; >> Works but... (4 Replies)
Discussion started by: rosebud123
4 Replies

10. Shell Programming and Scripting

Find command does not work on AIX 6.1

I have AiX system version 6.1 I wish the below find command to work on AiX system ksh shell and give similar output as this works fine on RedHat Linux centos 7. find /app/logs/fname1.out -printf "%M %u %TY-%Tm-%Td %TH:%TM %h/%f $(cksum<fname1.out | cut -d' ' -f1)\n" Output: -rw-r--r--... (7 Replies)
Discussion started by: mohtashims
7 Replies

LEARN ABOUT HPUX

audswitch

audswitch(2)							System Calls Manual						      audswitch(2)

NAME

       audswitch() - suspend or resume auditing on the current process

SYNOPSIS

DESCRIPTION

       suspends or resumes auditing within the current process.  This call is restricted to users with the privilege.

       One of the following flags must be used for aflag:

	  Suspend auditing on the current process.

	  Resume auditing on the current process.

       can be used in processes with the privilege to temporarily suspend auditing during intervals where auditing is to be handled by the process
       itself.	Auditing is suspended by a call to with the parameter and resumed later by a call to with the parameter.

       An call to resume auditing serves only to reverse the action of a previous call to suspend auditing.  A call to	to  resume  auditing  when
       auditing is not suspended has no effect.

       affects	only  the current process.  For example, cannot suspend auditing for processes from the current process.  (Use (see setaudproc(2))
       to enable or disable auditing for a process and its children).

   Security Restrictions
       Some or all of the actions associated with this system call require the privilege.  Processes owned by the superuser have  this	privilege.
       Processes  owned  by  other users may have this privilege, depending on system configuration.  See privileges(5) for more information about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, returns If an error occurs, is returned and the global variable is set to indicate the error.

ERRORS

       fails if one of the following is true:

       The user does not possess the
		      privilege.

       The input parameter is neither
		      nor

AUTHOR

       was developed by HP.

SEE ALSO

       audevent(1M), audusr(1M), setaudproc(2), audit(5), privileges(5).

																      audswitch(2)
All times are GMT -4. The time now is 12:22 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy