09-17-2015
Repetitive failed tries could be a hint for some unusual behaviour.
Else you might go look up this log when something bad has happened already to get a clue afterwards who might have been it.
If this is not enough and you are looking for some more information, which commands have been issued by whom etc., you might want to have a look at an auditing suite.
Maybe auditd is available for your Linux distribution.
5 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
A very n00b question: After compiling and installing software, where does the original source code reside? I'd like to study the source code of some of the ports I've installed. Thanks! :D (1 Reply)
Discussion started by: Aaron Van
1 Replies
2. Shell Programming and Scripting
Hi guys,
I 've been brewing this shellscript, but I can't test it until next tuesday.
In the meantime I am too curious wether it will work or not, so I'd like to hear your comments.
Background:
I want to watch the user quota for mailboxes in various email-domains on a IMAP-server.
I have... (1 Reply)
Discussion started by: algernonz
1 Replies
3. Solaris
Dears
if i want to run this job every Saturday at 6 AM that will be the code
* 6 * * 1 cd /export/home/jenova ; ls -ltr >> $HOME/jenova_dir (2 Replies)
Discussion started by: jenovaux
2 Replies
4. Post Here to Contact Site Administrators and Moderators
https://www.unix.com/unix-dummies-questions-answers/117633-top-output-specific-process-file-2.html (2 Replies)
Discussion started by: methyl
2 Replies
5. IP Networking
Hello,
Please review the output below and suggest if you notice the parameters going out of limit.
netstat -p udp
udp:
382735172 datagrams received
0 incomplete headers
0 bad data length fields
0 bad checksums
12519 dropped due to no socket
... (2 Replies)
Discussion started by: Vishal_dba
2 Replies
sulog(4) File Formats sulog(4)
NAME
sulog - su command log file
SYNOPSIS
/var/adm/sulog
DESCRIPTION
The sulog file is a record of all attempts by users on the system to execute the su(1M) command. Each time su(1M) is executed, an entry
is added to the sulog file.
Each entry in the sulog file is a single line of the form:
SU date time
result port user-newuser
where
date The month and date su(1M) was executed. date is displayed in the form mm/dd where mm is the month number and dd is the
day number in the month.
time The time su(1M) was executed. time is displayed in the form HH/MM where HH is the hour number (24 hour system) and MM
is the minute number.
result The result of the su(1M) command. A ` + ' sign is displayed in this field if the su attempt was successful; otherwise a
` - ' sign is displayed.
port The name of the terminal device from which su(1M) was executed.
user The user id of the user executing the su(1M) command.
newuser The user id being switched to with su(1M).
EXAMPLES
Example 1: A sample sulog file.
Here is a sample sulog file:
SU 02/25 09:29 + console root-sys
SU 02/25 09:32 + pts/3 user1-root
SU 03/02 08:03 + pts/5 user1-root
SU 03/03 08:19 + pts/5 user1-root
SU 03/09 14:24 - pts/5 guest3-root
SU 03/09 14:24 - pts/5 guest3-root
SU 03/14 08:31 + pts/4 user1-root
FILES
/var/adm/sulog su log file
/etc/default/su contains the default location of sulog
SEE ALSO
su(1M)
SunOS 5.10 6 Jun 1994 sulog(4)