HPE Community
Operating System - HP-UX
1825803 Members
2091 Online
109687 Solutions
New Discussion

Re: sulog & syslog

 
SOLVED
Go to solution
Unix Administrator_6
Advisor

‎10-05-2000 07:57 AM

‎10-05-2000 07:57 AM

sulog & syslog

For some reason it looks like sulog and syslog are not noting all user logins.

who -u:
oradba ttyp4 Oct 5 09:50 0:58 20894 harrisjk.dublin.metatec.com
wills ttyp5 Oct 5 11:38 0:01 23072 will_s.dublin.metatec.com

But nowhere can I find in syslog or sulog a notice of oradba logging in!

Why is this and/or how can I change this?

0 Kudos
Reply
4 REPLIES 4
James R. Ferguson
Acclaimed Contributor

‎10-05-2000 08:06 AM

‎10-05-2000 08:06 AM

Solution

Re: sulog & syslog

Sheri:

'last' and 'lastb' give the last good and last bad login information. To work, the files /var/adm/wtmp and /var/adm/btmp must be present. IF they are not, simply touch them and change thier ownership & permissions to root 644. These files grow without bounds to to trim them do:

# cat /dev/null > /var/adm/wtmp
# cat /dev/null > /var/adm/btmp

See the man pages for 'last'. Doing:

# last -3 root

will return the most RECENT 3-logins for root in descending order.

...JRF...
Reply
John Palmer
Honored Contributor

‎10-05-2000 08:07 AM

‎10-05-2000 08:07 AM

Re: sulog & syslog

Sheri,

sulog only logs the 'su' command.

Logins don't get logged to syslog at all.

Try the 'last' command to find out who logged in and when - see 'man last'.

Regards,
John
Reply
Patrick Wallek
Honored Contributor

‎10-05-2000 08:11 AM

‎10-05-2000 08:11 AM

Re: sulog & syslog

syslog.log and sulog are not intended to log all user logins. As the previous reply said, you can use the last and lastb commands to get this information.

SULOG will ONLY log the use of the su command to switch to a different user.

SYSLOG.LOG is intended to log and system messages. Anyone using FTP may show up in the syslog depending on how you have your /etc/syslog.conf file is set up. You can also look at your /etc/syslog.conf file to see what all is currently set up to go to syslog.log.
Reply
Ade Jinadu
Occasional Advisor

‎10-10-2000 08:55 AM

‎10-10-2000 08:55 AM

Re: sulog & syslog

Hi,

Use the commands last and lastb (bad logins) to get login information. Sulog and syslog log the use of the su command and syslog also log ftp sessions.

Regards,

Ade
Run Unix
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.