sulog


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers sulog
# 1  
Old 01-03-2003
Question sulog

Hello,

the sulog file on solaris does not record the user's attempts.
do i have to delete and create a new one or there is a better way?
in addition on the current sulog file is shown the month/day of the user's attempt but
i like to see the year also. there is a way to see the year or more
info about?

thanks,
grep
# 2  
Old 01-03-2003
If you are not seeing the pass/fail attempts in the /var/adm/sulog, then check /etc/default/su for the location of the file (you would change it in this file). If it is set to /dev/null, then you are not getting any recording (not the way to go) OR if at the bottom of the file SYSLOG does not equal YES, then no record of su attempts.

Read the man page on sulog and su for further info (You won't get the year - I think it's because they expect folks to be looking at this file and watching security more than once a year or two).
# 3  
Old 01-03-2003
THANK YOU.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. AIX

Unable to set ACLs on sulog - need to grant read permission to a normal user on AIX 6.1

Hi, I need to grant read permission to a normal user on sulog file on AIX 6.1. As root I did acledit sulog and aclget shows "extended permissions" as "enabled" and normal user "splunk" has read permissions. When I try to access sulog as splunk user it won't allow and aclget for splunk user... (6 Replies)
Discussion started by: prvnrk
6 Replies

2. Solaris

/var/adm/sulog does not showing year

Hi, I would like to know is there any way to capture the year in /var/adm/sulog file in solaris 10? Please suggest (2 Replies)
Discussion started by: manoj.solaris
2 Replies

3. Solaris

hostname or ip information on sulog

Hi, more than one user login the our solaris 10 systems with same user account by using ssh connection. i wanna see ip or hostname information of them on sulog instead of it's terminal number. is this possible? current sulog is like that SU 02/06 08:59 + pts/1 operation-vuser SU 02/07 14:27... (1 Reply)
Discussion started by: sdkbjk
1 Replies

4. AIX

improve sulog

I just wrote a very small script that improves readability on system sulog. The problem with all sulog is there is lack of clarity whether the info you are looking at is the most current. So if you just need a simple soution instead of going thru the trouble of writing a script that rotate logs and... (0 Replies)
Discussion started by: sparcguy
0 Replies

5. Linux

SULOG for LINUX

How to enable sulog activity in LINUX like /var/adm/sulog in Solaris , AIX..... I have added SULOG_FILE /var/log/sulog in /etc/login.defs ...but it is not working ... Thanks a lot for help (1 Reply)
Discussion started by: Anu_1
1 Replies

6. Solaris

How to select last 7 days entry from SULOG or LAST command

Hi All, I need to get last 7 days log entries from sulog. The same has to be done for the last command. for ex: when i search for a user "abc" in sulog, i only want to check his entries for the last 1 week. The same has to be done for last command. Can anyone suggest some tips. ... (0 Replies)
Discussion started by: navdeepan
0 Replies
Login or Register to Ask a Question