monitoring various things (mainly activity) on different unix boxes

Thread Tools Search this Thread
Top Forums Shell Programming and Scripting monitoring various things (mainly activity) on different unix boxes
# 1  
Old 09-30-2011
monitoring various things (mainly activity) on different unix boxes

Hi there,

I want to ask you guys what you think about my problem.
I work as a sysadmin on about 7000 workstations or so and to save money and energy, we've decided to switch off as many workstations as possible during the night (probably by shutting it down by cron and power it on by WakeOnLAN).
We're also planning to develop a custom portal to let users choose if the workstation they're using cannot be shut down.

All of this is currently under discussion, and for now I need to report the nightly activity on a selection of workstations (RHEL4, RHEL5 and HP-UX 11.11), here is what I need :

- monitor if there's local user logged on the workstation
- monitor if there's remote user logged on the workstation
- activity of those users if applicable
- process running

Of course I first thought about the "ps -ef" and the "who" commands but there's about 50 workstations to monitor (during 2 weeks or so) and I'm not really a shell script guru and of course data collected must be compiled easily for me to report...

What do you think is the best option ?

# 2  
Old 09-30-2011
If you just need a minimalist output of who are logged in and load, then uptime or w are your friend
gech:/home/vbe $ rsh ant -n w
connect to address 10.XXX.YYY.2 port 544: Connection refused
Trying krb4 rsh...
connect to address 10.XXX.YYY.2 port 544: Connection refused
trying normal rsh (/usr/bin/rsh)
  5:07pm  up 24 days,  5:59,  7 users,  load average: 0.01, 0.01, 0.01
User     tty           login@  idle   JCPU   PCPU  what
vbe      pts/0        11:16am581:49 119:10 119:10  top
vbe      pts/1        11:17am192:07                ssh us99
vbe      pts/2         3:32pm192:57                ksh
vbe      pts/3         4:30pm  1:25                more case_usage_001.txt
vbe      pts/4         3:24pm  5:52                ksh
vbe      pts/5         3:25pm            1      1  -ksh
vbe      pts/6         2:25pm                      more -s

Last edited by vbe; 09-30-2011 at 01:17 PM.. Reason: typos
# 3  
Old 09-30-2011
What do you really need?
(You can always write a script using vmstat, iostat etc...)
On HP side. if you have an /opt/perf/bin directory, you could find monitorings tools there like mesureware mwa...

Last edited by vbe; 09-30-2011 at 01:23 PM..
# 4  
Old 09-30-2011
Thanks but I guess I didn't explain right :
I need to monitor who is connected (and doing what) during the night (e.g. from 9pm to 7am next morning) let's say every 15 minutes.

I thought about a shell script launched by cron job doing the who and the ps -ef command in a text file with some increment (like who.1.txt, who.2.txt and so on) and everyday when I start working compute all the data gathered during the night to have a report saying who was on each host and what was going on.

The purpose of all that is to check if there's some unknown activity by night that could possibly be killed by switching off workstations (user's crontab for example) and take the required actions to secure it.

Maybe my plan isn't the best (or at least the most effective) that's why I came to ask I you've got a better idea or if I'm on the good path.
# 5  
Old 09-30-2011
That is exactly what w does ( read the man pages...).
You could try from a "master" box to execute your job using rdist ( but long since last time I did such things..) or use cron/at on all boxes and get them to write all at the same place (using NFS?)
# 6  
Old 09-30-2011
Information who is connected available in syslog.

Please look at the syslogd on your box, you can increase / decrease / separate various logging on your system, for your scripts and/or log managment software to parse it.

For doing what really depends.. it would be a better approach to think what do you don't want users to do to the system or information.
That's why you have user kernel limits, unix permissions and ACLs and secure protocols to communicate and authenticate with (ssh, ssl, kerberos)

Try to make folks think about what they want, who will do it and with what permissions.

root account can be fine-tuned and logged (command wise) per your desire using sudo
# 7  
Old 09-30-2011
Thinking of it, you could very well have jobs running without anyone connected...How will you find out that? with ps?
You will have to go through all /var/spool/cron... etc...
I usually keep a userlist file I use to kill everything at 20:00 (so that I can do some cleanup and sanity check before backups, people having specific jobs or who need to works after have to see with me... (and I remove them temporarily from the list...).
Could you not use that approach for a start? (machines are to not work from 21:00 -9:00, so who/what are the exceptions...)
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Red Hat

RHEL Linux process activity monitoring tool from windows 7 system

I have 2 RHEL 5.9 system where customized applications are running. These 2 servers are with in a network (LAN) with each other.One application in say Server 1 can talk to another application in server 2 and vice versa. The applications are exchanging data among each other. Recently I am... (0 Replies)
Discussion started by: Anjan Ganguly
0 Replies

2. Solaris

how to config sudo in unix boxes

Hi How to configure sudo in all unix boxes. plz provide the step by step process. Regards Praveen (3 Replies)
Discussion started by: tv.praveenkumar
3 Replies

3. Solaris

Monitoring all user keystroke activity

Hello, First post so bear with me....i've done lost of searches on this and did not find a definitive answer. I need to be able to capture in log every single keystroke a user performs, I am aware that the script command can be used to do this, however, here is my dilemma/problem. Here... (1 Reply)
Discussion started by: giles.cardew
1 Replies

4. AIX

Monitoring the network activity happening in a port in AIX 5.3

Hi All, I would like to monitor the volume of Data that is transferred through a single port in AIX. I have nmon installed in my machine. What is the best possible solution for this problem. Thanks in Advance. (3 Replies)
Discussion started by: bravo13
3 Replies

5. UNIX for Dummies Questions & Answers

How do I install things on Unix?

I am really confused as to how to install a piece of software on Unix especially after having worked with Windows for over 10 years. I see the tar.gz, tar.gz2 and rpm packages. How do I install these things? Do I have to be a root to do this? If its only the root, then how do users generally... (4 Replies)
Discussion started by: Legend986
4 Replies

6. UNIX for Dummies Questions & Answers

Help! Suggestions on what I can I use my 2 unix boxes for?

Once upon a looong time ago I used to work with Unix systems - SGI mainly. Now I've inherited 2 boxes - an SGI dual processor Octane and an Indigo2. For the past 2 years they've sat waiting for me to do something with them and never getting round to it. I run a windows network at home so... (3 Replies)
Discussion started by: JimmyChang
3 Replies

7. UNIX for Dummies Questions & Answers

monitoring /tmp and /var/tmp for suspicous activity

Hello, does anyone have a script that can check the contents of the /tmp directory and for example e-mail the directory content if anything other than session files are present? Maybe there are better ways to monitor suspicous /tmp and /var/tmp activity, if so I'm listening :) (1 Reply)
Discussion started by: jamesbond
1 Replies

8. UNIX for Dummies Questions & Answers

users logging on to unix boxes

I have been asked to write a unix script to log and report all users logging on to our unix boxes as either the root or oracle users only on a 24 hour basis. This should trap the logon and logoff time,if possible what they are doing and their username. Thanks in Advance (2 Replies)
Discussion started by: irehman
2 Replies

9. Programming

text boxes, radio buttons , check boxes in c++ on unix

Hi ! Please tell me how to get radio buttons, text boxes , check boxes , option buttons , pull down menus in C++ on Unix. I think it would be done using curses.h ..but that's all i know. TIA, Devyani. (3 Replies)
Discussion started by: devy8
3 Replies
Login or Register to Ask a Question