Solaris access Log
 

Hi Guys,

I am new to this forum and Solaris too,its my first post....I need to work with solaris 9 server being used to host some application in our firm.

For the security purpose i was asked to prepare a log file that can show all detail about the users who loged in and logout of the system wither from console/ftp/telnet/ssh or wht soever intrusion.Can anyone tell me where can i get all this information.

Dose solaris maintain any log file to capture all this information.I am planning to create a cronjob to copy a log file out of this environment everyday and delete logfiles in solaris server so that it dosent get filled up so frequent.

Pls help me regarding this.Thanx in advance

Welcome to LQ,

In Solaris, you have /var/adm/sulog.
The command /usr/bin/last shows the list of every user who logged in/out and still logged in.

Hi Buddy...Thanx for ur help....but i read smevr that /var/adm/sulog records a log whenever a user try to switch over as root..and it dosent record the user login/logout attempts......do u have any idea abt the wtmp logs?

May i know the location i can look for wtmp logs?

The command I mentioned- /usr/bin/last, in my best opinion fetches the info from /var/adm/wtmpx file.

You are correct. wtmp is deprecated.