HPE Community
Operating System - HP-UX
1755350 Members
5430 Online
108831 Solutions
New Discussion юеВ

Re: Need to view SULOG with year option...

 
Dipika Modi-Lotwala
Occasional Advisor

тАО07-30-2007 06:09 AM

тАО07-30-2007 06:09 AM

Need to view SULOG with year option...

Is there a way to view the sulog with a year option or set it so that the year is posted in the sulog for autditing purposes?
0 Kudos
Reply
10 REPLIES 10
Jeff_Traigle
Honored Contributor

тАО07-30-2007 06:24 AM

тАО07-30-2007 06:24 AM

Re: Need to view SULOG with year option...

Not in sulog, but the activity gets logged in syslog also so you can get the full date from there.
--
Jeff Traigle
0 Kudos
Reply
Dipika Modi-Lotwala
Occasional Advisor

тАО07-30-2007 06:28 AM

тАО07-30-2007 06:28 AM

Re: Need to view SULOG with year option...

I looked in the syslog too, but there is no year in there as well. Is there a way you can change it to track the year as well? Or view it differently?
0 Kudos
Reply
Pete Randall
Outstanding Contributor

тАО07-30-2007 06:43 AM

тАО07-30-2007 06:43 AM

Re: Need to view SULOG with year option...

Perhaps you could set up a cron job to echo the current date to sulog or syslog once a week/month/year, whatever suits your purpose.


Pete

Pete
0 Kudos
Reply
Dipika Modi-Lotwala
Occasional Advisor

тАО07-30-2007 06:45 AM

тАО07-30-2007 06:45 AM

Re: Need to view SULOG with year option...

What syntax would you use in the cron tab to get that info?
0 Kudos
Reply
Aussan
Respected Contributor

тАО07-30-2007 06:50 AM

тАО07-30-2007 06:50 AM

Re: Need to view SULOG with year option...

i have a script that archive the sulog every night into a file with date on it, it makes it easyer to go back and see what happend on what day, maybe you can do that

i put it in cron to run at 11:50 pm every night

here is my script

#!/usr/bin/sh

TAG=`date +%b_%d_%Y`
LOGFILE=/var/adm/sulogs_backup/su.$TAG.log

if [ ! -d /var/adm/sulogs_backup ]
then
mkdir /var/adm/sulogs_backup
fi

if [ ! -f $LOGFILE ]
then
mv /var/adm/sulog $LOGFILE
fi

The tongue weighs practically nothing, but so few people can hold it
0 Kudos
Reply
Dipika Modi-Lotwala
Occasional Advisor

тАО07-30-2007 07:01 AM

тАО07-30-2007 07:01 AM

Re: Need to view SULOG with year option...

Aussan, the script is useful, but do you delete your sulog on a daily basis or do you just tail the new file in the backup directory and assume that it's the correct date?
0 Kudos
Reply
Aussan
Respected Contributor

тАО07-30-2007 07:06 AM

тАО07-30-2007 07:06 AM

Re: Need to view SULOG with year option...

every day the script moves sulog in to the backup directory under su..log
so the sulog gets removed and a new one is created automatically as soon as someone does su


Regards

Aussan
The tongue weighs practically nothing, but so few people can hold it
0 Kudos
Reply
Jeff_Traigle
Honored Contributor

тАО07-30-2007 07:09 AM

тАО07-30-2007 07:09 AM

Re: Need to view SULOG with year option...

Oops. I saw a year in my syslog and wasn't awake enough to realize it was from a Secure Shell connection. You're right that syslog doesn't post the year on the entries either. About the only ways to do it is like Pete suggested or, when you rotate the logs, using the date as part of the rotated log name.
--
Jeff Traigle
0 Kudos
Reply
Aussan
Respected Contributor

тАО07-30-2007 07:10 AM

тАО07-30-2007 07:10 AM

Re: Need to view SULOG with year option...

here is an example of Jul logs
su.Jul_02_2007.log
su.Jul_03_2007.log
su.Jul_06_2007.log
su.Jul_07_2007.log
su.Jul_09_2007.log
su.Jul_10_2007.log
su.Jul_11_2007.log
su.Jul_12_2007.log
su.Jul_13_2007.log
su.Jul_17_2007.log
su.Jul_18_2007.log
su.Jul_19_2007.log
su.Jul_21_2007.log
su.Jul_25_2007.log
su.Jul_27_2007.log
The tongue weighs practically nothing, but so few people can hold it
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.