Redirecting log files to null writing junk into log files
Post 303008204 by bakunin on Tuesday 28th of November 2017 02:05:59 PM
Quote:
Originally Posted by greenworld123
The process prints some garbage and then with proper text. It is not the process writing garbage, I think.
I think you have already gotten very good advice about how to solve it, but it might help you to understand what is going on:

When a process "opens" a file it calls some OS function (namely fopen()) and part of this "opening" is that the OS sets up an environment through which the process can access the file. Part of this is to find out how big (=how many bytes) a file is. The process also gets a "place" where it "stands" right now. This "place" can be moved forward, backwards, etc., but only within the limits of the length of the file.

Say, a program opens a file and is told that the file is 10 bytes long. Right now it "stands" on byte 1 and it can read it, which would move the place it stands forward to byte 2, etc. It can also do things like "go forward 3 bytes and then read (or write) 2 bytes from there". It can also add to the file, which would increase the size so that now it can position its place to byte 11. But if it tries to do something impossible (like "go to byte number <behind the current length>") it would receive an error because the OS "knows" that the file is only as long as it is.

All this works well as long as one process accesses a file. But in your case a process opened a file and wrote lots of bytes into it, making its length some big number in the "internal bookkeeping" of the OS. Now a second process (your shell command) truncated the file, but for the first program it is still as long as it was when it last added to it. If it tries to read something from further up (like when it tries to print the content) of course it will get garbage because what it reads is some random block on a disk which is not part of the file any more - but the program won't know that.

Log writing processes should therefore NOT write into log files continuously but open and close the log for every write action separately.

I hope this helps.

bakunin
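
A reproduction of the situation discussed in this post, as an added example that is not part of the original post: a writer keeps a log open while the file is truncated through a second open, and the function counts the NUL bytes that end up in the log for three ways of holding the file. The function name, the mode names and the sample records are constructed for illustration.

```python
import os
import tempfile

RECORD_1 = b"record 1: service started\n"    # constructed sample records
RECORD_2 = b"record 2: after truncation\n"


def nul_bytes_after_truncate(mode: str) -> int:
    """Write two records with an external truncation in between.

    mode "plain":  one long-lived descriptor opened without O_APPEND
    mode "append": one long-lived descriptor opened with O_APPEND
    mode "reopen": open and close the log for every record
    Returns the number of NUL bytes found in the log afterwards.
    """
    fd, path = tempfile.mkstemp()
    os.close(fd)
    held = None
    if mode != "reopen":
        extra = os.O_APPEND if mode == "append" else 0
        held = os.open(path, os.O_WRONLY | extra)

    def write(record: bytes) -> None:
        if held is None:
            with open(path, "ab") as f:      # open, append, close
                f.write(record)
        else:
            os.write(held, record)           # uses the descriptor's own offset

    try:
        write(RECORD_1)
        # What "> logfile" in another shell does: truncate via a second open.
        open(path, "wb").close()
        write(RECORD_2)
        with open(path, "rb") as f:
            data = f.read()
    finally:
        if held is not None:
            os.close(held)
        os.unlink(path)
    return data.count(b"\x00")


if __name__ == "__main__":
    for m in ("plain", "append", "reopen"):
        print(f"{m:6} NUL bytes in log: {nul_bytes_after_truncate(m)}")
```

With these records the plain writer leaves 26 NUL bytes (the length of the first record) in front of the second record; the append and reopen writers leave none.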

audit.log(4)                     File Formats                     audit.log(4)

NAME
       audit.log - audit trail file

SYNOPSIS
       #include <bsm/audit.h>
       #include <bsm/audit_record.h>

DESCRIPTION
       audit.log files are the depository for audit records stored locally or
       on an NFS-mounted audit server. These files are kept in directories
       named in the file audit_control(4) using the dir option. They are named
       to reflect the time they are created and are, when possible, renamed to
       reflect the time they are closed as well. The name takes the form

              yyyymmddhhmmss.not_terminated.hostname

       when open or if the auditd(1M) terminated ungracefully, and the form

              yyyymmddhhmmss.yyyymmddhhmmss.hostname

       when properly closed. yyyy is the year, mm the month, dd day in the
       month, hh hour in the day, mm minute in the hour, and ss second in the
       minute. All fields are of fixed width.

       Audit data is generated in the binary format described below; the
       default for Solaris audit is binary format. See audit_syslog(5) for an
       alternate data format.

       The audit.log file begins with a standalone file token and typically
       ends with one also. The beginning file token records the pathname of
       the previous audit file, while the ending file token records the
       pathname of the next audit file. If the file name is NULL the
       appropriate path was unavailable.

       The audit.log files contain audit records. Each audit record is made up
       of audit tokens. Each record contains a header token followed by
       various data tokens. Depending on the audit policy in place by
       auditon(2), optional other tokens such as trailers or sequences may be
       included.

       The tokens are defined as follows:

       The file token consists of:
         token ID                 1 byte
         seconds of time          4 bytes
         microseconds of time     4 bytes
         file name length         2 bytes
         file pathname            N bytes + 1 terminating NULL byte

       The header token consists of:
         token ID                 1 byte
         record byte count        4 bytes
         version #                1 byte [2]
         event type               2 bytes
         event modifier           2 bytes
         seconds of time          4 bytes/8 bytes (32-bit/64-bit value)
         nanoseconds of time      4 bytes/8 bytes (32-bit/64-bit value)

       The expanded header token consists of:
         token ID                 1 byte
         record byte count        4 bytes
         version #                1 byte [2]
         event type               2 bytes
         event modifier           2 bytes
         address type/length      1 byte
         machine address          4 bytes/16 bytes (IPv4/IPv6 address)
         seconds of time          4 bytes/8 bytes (32/64-bits)
         nanoseconds of time      4 bytes/8 bytes (32/64-bits)

       The trailer token consists of:
         token ID                 1 byte
         trailer magic number     2 bytes
         record byte count        4 bytes

       The arbitrary data token is defined:
         token ID                 1 byte
         how to print             1 byte
         basic unit               1 byte
         unit count               1 byte
         data items               (depends on basic unit)

       The in_addr token consists of:
         token ID                 1 byte
         IP address type/length   1 byte
         IP address               4 bytes/16 bytes (IPv4/IPv6 address)

       The expanded in_addr token consists of:
         token ID                 1 byte
         IP address type/length   4 bytes/16 bytes (IPv4/IPv6 address)
         IP address               16 bytes

       The ip token consists of:
         token ID                 1 byte
         version and ihl          1 byte
         type of service          1 byte
         length                   2 bytes
         id                       2 bytes
         offset                   2 bytes
         ttl                      1 byte
         protocol                 1 byte
         checksum                 2 bytes
         source address           4 bytes
         destination address      4 bytes

       The expanded ip token consists of:
         token ID                 1 byte
         version and ihl          1 byte
         type of service          1 byte
         length                   2 bytes
         id                       2 bytes
         offset                   2 bytes
         ttl                      1 byte
         protocol                 1 byte
         checksum                 2 bytes
         address type/type        1 byte
         source address           4 bytes/16 bytes (IPv4/IPv6 address)
         address type/length      1 byte
         destination address      4 bytes/16 bytes (IPv4/IPv6 address)

       The iport token consists of:
         token ID                 1 byte
         port IP address          2 bytes

       The path token consists of:
         token ID                 1 byte
         path length              2 bytes
         path                     N bytes + 1 terminating NULL byte

       The path_attr token consists of:
         token ID                 1 byte
         count                    4 bytes
         path                     count null-terminated string(s)

       The process token consists of:
         token ID                 1 byte
         audit ID                 4 bytes
         effective user ID        4 bytes
         effective group ID       4 bytes
         real user ID             4 bytes
         real group ID            4 bytes
         process ID               4 bytes
         session ID               4 bytes
         terminal ID
           port ID                4 bytes/8 bytes (32-bit/64-bit value)
           machine address        4 bytes

       The expanded process token consists of:
         token ID                 1 byte
         audit ID                 4 bytes
         effective user ID        4 bytes
         effective group ID       4 bytes
         real user ID             4 bytes
         real group ID            4 bytes
         process ID               4 bytes
         session ID               4 bytes
         terminal ID
           port ID                4 bytes/8 bytes (32-bit/64-bit value)
           address type/length    1 byte
           machine address        4 bytes/16 bytes (IPv4/IPv6 address)

       The return token consists of:
         token ID                 1 byte
         error number             1 byte
         return value             4 bytes/8 bytes (32-bit/64-bit value)

       The subject token consists of:
         token ID                 1 byte
         audit ID                 4 bytes
         effective user ID        4 bytes
         effective group ID       4 bytes
         real user ID             4 bytes
         real group ID            4 bytes
         process ID               4 bytes
         session ID               4 bytes
         terminal ID
           port ID                4 bytes/8 bytes (32-bit/64-bit value)
           machine address        4 bytes

       The expanded subject token consists of:
         token ID                 1 byte
         audit ID                 4 bytes
         effective user ID        4 bytes
         effective group ID       4 bytes
         real user ID             4 bytes
         real group ID            4 bytes
         process ID               4 bytes
         session ID               4 bytes
         terminal ID
           port ID                4 bytes/8 bytes (32-bit/64-bit value)
           address type/length    1 byte
           machine address        4 bytes/16 bytes (IPv4/IPv6 address)

       The System V IPC token consists of:
         token ID                 1 byte
         object ID type           1 byte
         object ID                4 bytes

       The text token consists of:
         token ID                 1 byte
         text length              2 bytes
         text                     N bytes + 1 terminating NULL byte

       The attribute token consists of:
         token ID                 1 byte
         file access mode         4 bytes
         owner user ID            4 bytes
         owner group ID           4 bytes
         file system ID           4 bytes
         node ID                  8 bytes
         device                   4 bytes/8 bytes (32-bit/64-bit)

       The groups token consists of:
         token ID                 1 byte
         number groups            2 bytes
         group list               N * 4 bytes

       The System V IPC permission token consists of:
         token ID                 1 byte
         owner user ID            4 bytes
         owner group ID           4 bytes
         creator user ID          4 bytes
         creator group ID         4 bytes
         access mode              4 bytes
         slot sequence #          4 bytes
         key                      4 bytes

       The arg token consists of:
         token ID                 1 byte
         argument #               1 byte
         argument value           4 bytes/8 bytes (32-bit/64-bit value)
         text length              2 bytes
         text                     N bytes + 1 terminating NULL byte

       The exec_args token consists of:
         token ID                 1 byte
         count                    4 bytes
         text                     count null-terminated string(s)

       The exec_env token consists of:
         token ID                 1 byte
         count                    4 bytes
         text                     count null-terminated string(s)

       The exit token consists of:
         token ID                 1 byte
         status                   4 bytes
         return value             4 bytes

       The socket token consists of:
         token ID                 1 byte
         socket type              2 bytes
         remote port              2 bytes
         remote Internet address  4 bytes

       The expanded socket token consists of:
         token ID                 1 byte
         socket domain            2 bytes
         socket type              2 bytes
         local port               2 bytes
         address type/length      2 bytes
         local port               2 bytes
         local Internet address   4 bytes/16 bytes (IPv4/IPv6 address)
         remote port              2 bytes
         remote Internet address  4 bytes/16 bytes (IPv4/IPv6 address)

       The seq token consists of:
         token ID                 1 byte
         sequence number          4 bytes

       The privilege token consists of:
         token ID                 1 byte
         text length              2 bytes
         privilege set name       N bytes + 1 terminating NULL byte
         text length              2 bytes
         list of privileges       N bytes + 1 terminating NULL byte

       The use-of-auth token consists of:
         token ID                 1 byte
         text length              2 bytes
         authorization(s)         N bytes + 1 terminating NULL byte

       The command token consists of:
         token ID                 1 byte
         count of args            2 bytes
         argument list            (count times)
         text length              2 bytes
         argument text            N bytes + 1 terminating NULL byte
         count of env strings     2 bytes
         environment list         (count times)
         text length              2 bytes
         env. text                N bytes + 1 terminating NULL byte

       The ACL token consists of:
         token ID                 1 byte
         type                     4 bytes
         value                    4 bytes
         file mode                4 bytes

       The zonename token consists of:
         token ID                 1 byte
         name length              2 bytes
         name                     <name length> including terminating NULL byte

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
       +-----------------------------+-----------------------------+
       |Interface Stability          |:                            |
       +-----------------------------+-----------------------------+
       | binary file format          |Evolving                     |
       +-----------------------------+-----------------------------+
       | binary file contents        |Unstable                     |
       +-----------------------------+-----------------------------+

SEE ALSO
       audit(1M), auditd(1M), bsmconv(1M), audit(2), auditon(2), au_to(3BSM),
       audit_control(4), audit_syslog(5)

NOTES
       Each token is generally written using the au_to(3BSM) family of
       function calls.

SunOS 5.10                        6 Jan 2004                      audit.log(4)
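
A framing check built on the header and trailer token layouts listed above, as an added example that is not part of the man page or of Solaris: it confirms that a record starts with a header token, that its byte count fits the data, and that the trailer repeats the same count, which catches truncated or zero-filled audit data. Assumptions not stated on the page: the token ID values and trailer magic (taken from `<bsm/audit_record.h>`), big-endian integers, 32-bit time fields, a byte count covering the whole record, and a policy that writes trailers; the function names and sample values are constructed.

```python
import struct

# Assumed constants (not on the page): values from <bsm/audit_record.h>.
AUT_HEADER32, AUT_TRAILER, AUT_RETURN32 = 0x14, 0x13, 0x27
AUT_TRAILER_MAGIC = 0xB105
# Field order follows the page; ">" = big-endian, no padding (assumed).
HEADER = struct.Struct(">BIBHHII")  # ID, count, version, event, modifier, sec, nsec
TRAILER = struct.Struct(">BHI")     # ID, magic, count


def check_record(buf: bytes) -> dict:
    """Validate the framing of one audit record at the start of buf."""
    if len(buf) < HEADER.size:
        raise ValueError("buffer shorter than a header token")
    tok, count, version, event, _mod, sec, _nsec = HEADER.unpack_from(buf)
    if tok != AUT_HEADER32:
        raise ValueError(f"unexpected token ID 0x{tok:02x} at record start")
    if count < HEADER.size + TRAILER.size or count > len(buf):
        raise ValueError("record byte count does not fit the data")
    t_tok, magic, t_count = TRAILER.unpack_from(buf, count - TRAILER.size)
    if (t_tok, magic) != (AUT_TRAILER, AUT_TRAILER_MAGIC):
        raise ValueError("no trailer token where the header says the record ends")
    if t_count != count:
        raise ValueError("header and trailer byte counts disagree")
    return {"length": count, "version": version, "event": event,
            "seconds": sec, "payload": buf[HEADER.size:count - TRAILER.size]}


def build_sample_record() -> bytes:
    """Constructed sample: header + return token + trailer (made-up values)."""
    body = struct.pack(">BBI", AUT_RETURN32, 0, 0)  # ID, error number, return value
    total = HEADER.size + len(body) + TRAILER.size
    head = HEADER.pack(AUT_HEADER32, total, 2, 6152, 0, 1511877959, 0)
    return head + body + TRAILER.pack(AUT_TRAILER, AUT_TRAILER_MAGIC, total)


if __name__ == "__main__":
    print(check_record(build_sample_record()))
```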