Solaris access Log
Hi Guys,
I am new to this forum and Solaris too,its my first post....I need to work with solaris 9 server being used to host some application in our firm. For the security purpose i was asked to prepare a log file that can show all detail about the users who loged in and logout of the system wither from console/ftp/telnet/ssh or wht soever intrusion.Can anyone tell me where can i get all this information. Dose solaris maintain any log file to capture all this information.I am planning to create a cronjob to copy a log file out of this environment everyday and delete logfiles in solaris server so that it dosent get filled up so frequent. Pls help me regarding this.Thanx in advance |
Welcome to LQ,
In Solaris, you have /var/adm/sulog. The command /usr/bin/last shows the list of every user who logged in/out and still logged in. |
Hi Buddy...Thanx for ur help....but i read smevr that /var/adm/sulog records a log whenever a user try to switch over as root..and it dosent record the user login/logout attempts......do u have any idea abt the wtmp logs?
May i know the location i can look for wtmp logs? |
The command I mentioned- /usr/bin/last, in my best opinion fetches the info from /var/adm/wtmpx file.
|
You are correct. wtmp is deprecated.
|
All times are GMT -5. The time now is 11:55 AM. |