A compromise perhaps bolting several things together.
From the suggestions given and further digging, I've ended up with:-
To explain it a bit more:-
The ${userregex} is a regular expression for all the users we are interested in, so we can exclude testing messages which sadly get written to the same log.
The text output is just for checking we've got it, there would be further processing (and that's all fine) This is finding a way to get the last logged entry for each user, so the printf line is just for debug.
We removed the grep with the two expressions (both must be satisfied) see this thread
The output file(s) are redirected to /tmp/logs/splitlog. appended by the output from the gensub on field 11. The gensub removes all characters from field 11 that are not matched by being alphanumeric, full-stop (period for American English), underscore or hyphen, those all being acceptable characters to build a filename from and sensibly allowed in user account names. We could possibly have apostrophes too, but these have been excluded.
It seems to work for me in testing, but I'd appreciate another few sets of eyes to validate I'm not doing something daft and leaving a gaping hole somewhere.
Hello All.
I am having a directory /tmp/rahul which contains many files in the format
@#home@#rahul@#programs@#script.pl
where /home/rahul/programs is the directory where the script.pl file is to be placed.
I have many files in this format.
What i want is a script which read these... (7 Replies)
Hye all,
I would like some help with reading in a file in which the data is seperated by commas. for instance:
input.dat:
1,2,34,/test
for the above case, the fn. will store the values into an array -> data as follows:
data = 1
data = 2
data = 34
data = /test
I am trying to write... (5 Replies)
I'm reading 2 input files but not getting expected value.
I should get an alpha value on file_1_data but not getting any.
Please help.
>cat test6.sh
awk '
FILENAME==ARGV { file_1_data=$0; print "----- 1 Line " NR " -----" $1; next }
FILENAME==ARGV { file_2_data=$0; print "----- 2... (1 Reply)
Hi,
I needs to split *.txt files from single directory depends on the some mutltiple input values. i have wrote the code like below
for file in *.txt
do
grep -i -h "value1|value2" $file > $file;
done.
My requirment is more input values needs to be given in grep; let us say 50... (3 Replies)
Hi guys,
I am new to AWK and unix scripting. Please see below my problem and let me know if anyone you can help.
I have 2 input files (example given below)
Input file 2 is a standard file (it will not change) and we have to get the name (second column after comma) from it and append it... (5 Replies)
Hi all,
I have a list of xml file. I need to split the files to a different files when see the <ko> tag.
The list of filename are
B20090908.1100-20090908.1200_CDMA=1,NO=2,SITE=3.xml
B20090908.1200-20090908.1300_CDMA=1,NO=2,SITE=3.xml
B20090908.1300-20090908.1400_CDMA=1,NO=2,SITE=3.xml
... (3 Replies)
Hi ,
I am receiving a CSV file that can vary in number of rows each time.
I am supposed to split this file into 3 separate files like this:
1. create a file named 'File1.csv' that will contain first 3 rows of the input file
2. create file named 'File2.csv' that will contain last 3 rows of the... (7 Replies)
Hello All,
I have a comma delimiter file with 10 columns. I took the desired data but from $4 I need to split into two columns as 3+7 bytes.
awk -F"," -v OFS=',' '{print $2,$3,$4}' foo.txt
42366,11/10/2014,5012418769
42366,11/10/2014,2046955672
42366,11/10/2014,2076802951
... (3 Replies)
Hello,
I am running under ubuntu1 14.04 and I have a script which is sending given process names to vanish so that I'd see less output when I run most popular tools like top etc in terminal window. In usual method it works.
Whenever I restart the system, I have to enter the same data from... (2 Replies)
Discussion started by: baris35
2 Replies
LEARN ABOUT CENTOS
aulast
AULAST:(8) System Administration Utilities AULAST:(8)NAME
aulast - a program similar to last
SYNOPSIS
aulast [ options ] [ user ] [ tty ]
DESCRIPTION
aulast is a program that prints out a listing of the last logged in users similarly to the program last and lastb. Aulast searches back
through the audit logs or the given audit log file and displays a list of all users logged in (and out) based on the range of time in the
audit logs. Names of users and tty's can be given, in which case aulast will show only those entries matching the arguments. Names of ttys
can be abbreviated, thus aulast 0 is the same as last tty0.
The pseudo user reboot logs in each time the system is rebooted. Thus last reboot will show a log of all reboots since the log file was
created.
The main difference that a user will notice is that aulast print events from oldest to newest, while last prints records from newest to
oldest. Also, the audit system is not notified each time a tty or pty is allocated, so you may not see quite as many records indicating
users and their tty's.
OPTIONS --bad Report on the bad logins.
--extract
Write raw audit records used to create the displayed report into a file aulast.log in the current working directory.
-ffile Use the file instead of the audit logs for input.
--proof
Print out the audit event serial numbers used to determine the preceding line of the report. A Serial number of 0 is a place holder
and not an actual event serial number. The serial numbers can be used to examine the actual audit records in more detail. Also an
ausearch query is printed that will let you find the audit records associated with that session.
--stdin
Take audit records from stdin.
EXAMPLES
To see this month's logins
ausearch --start this-month --raw | aulast --stdin
SEE ALSO last(1), lastb(1), ausearch(8), aureport(8).
AUTHOR
Steve Grubb
Red Hat Nov 2008 AULAST:(8)