Audit Logs

Mike Burk · ‎08-16-2001

Anyone write custom scripts that filter the audit logs? If so can I get an example. I am looking to make the audit log output more readable i.e. so none unix people can read them and somewhat understand what is going on, like user xxx logged on and then su'd to user yyy and then logged off.

Manuel P. Ron · ‎08-19-2001

Use this command to display the information contained in audsys logs files:

audisp [options flags] audit_filename

Use the options flags to filter the output:

-u username, -e eventname, -c syscall, -l ttyid, -t start_time, -s stop_time, ...

Please, consult man page for more info. Thanks.

Crash programs fail because they are based on the theory that, with nine women pregnant, you can get a baby a month. - Wernher von Braun

Joe Doe Sr · ‎09-07-2001

On Debian GNU/Linux you have logcheck (http://packages.debian.org/cgi-bin/search_packages.pl?keywords=logcheck&searchon=names&subword=1&version=all&release=all) and that application can incremental scan and mail the results of a check on logfiles to a mailaddress. And you can extend the search-patterns. A little note, the logcheck in testing and unstable have more patterns then logcheck in stable.

-Hans

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Audit Logs

Audit Logs

Re: Audit Logs

Re: Audit Logs