HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Login Reporting and Log Files Maintenance

 
TheJuiceman
Super Advisor

Login Reporting and Log Files Maintenance

Hi everyone,

I am curious as to how everyone handles login monitoring and corresponding system logs. By this I mean...

- has anyone developed a script that reports last login information such that you can easily and readily read any accounts that have been inactive for 30 days, 60 days, etc.

- a script for wtmp, btmp, etc file maintenance and cleanup. do you use the tools in /usr/sbin/acct and if so what is optimal for archiving and CYA (cover your a$$) purposes?

- password aging. do you have a script to notify users that their passwords are going to expire and have a script help them with the process, or do you just use the standard?

Thank you all for your input in advance!!! You know how much I love your innovatative suggestions and script writing!!!
3 REPLIES
TTr
Honored Contributor

Re: Login Reporting and Log Files Maintenance

> a script that reports last login information...
You can touch a file in the user's home directory as part of the /etc/profile (/etc/login) script or put in that file the output of the date command. Then refer to that file later on when you do your user accounting.

> wtmp, btmp, etc file maintenance...
They can be rolled over every so often

> archiving and CYA...
You should have your management or the business dept that you cater to provide requirements for these and act accordingly. there is usually a cost/effort associated with every requirement.

> password aging...
Same as CYA. This should go under IT/business policy and set up accordingly

> a script to notify users
This can be easily implemented based on the pw-aging policy you use. Again, does the business require it?
TheJuiceman
Super Advisor

Re: Login Reporting and Log Files Maintenance

Hi TTr,

I guess I should have put that info in there. I'm not looking for anything to change as far as company policy would mandate. Just looking for tools to help make things easier for administrators and users.

I know that if wtmp gets too large it can have problems. A lot of companies will archive old entries to prevent this and to keep it tidy. Just looking for "best" solutions for handling.

Password aging is already in place in accordance to company policy. Just looking for inventive ways to make it easier on users to go through the password change process. No changes in policy.

Thanks.


> a script that reports last login information...
You can touch a file in the user's home directory as part of the /etc/profile (/etc/login) script or put in that file the output of the date command. Then refer to that file later on when you do your user accounting.

> wtmp, btmp, etc file maintenance...
They can be rolled over every so often

> archiving and CYA...
You should have your management or the business dept that you cater to provide requirements for these and act accordingly. there is usually a cost/effort associated with every requirement.

> password aging...
Same as CYA. This should go under IT/business policy and set up accordingly

> a script to notify users
This can be easily implemented based on the pw-aging policy you use. Again, does the business require it?
Suraj K Sankari
Honored Contributor

Re: Login Reporting and Log Files Maintenance

Hi,

To create any null for any file just give
> filename

Suraj