LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > AIX
User Name
Password
AIX This forum is for the discussion of IBM AIX.
eserver and other IBM related questions are also on topic.

Notices

Reply
 
Search this Thread
Old 08-24-2012, 02:25 AM   #1
rahul99rocks
LQ Newbie
 
Registered: Aug 2012
Posts: 3

Rep: Reputation: Disabled
Please tell me what does each field stand for in the below log


Hi all,

I have this log below, Please tell me what does each of the field stand for so that i can have a better understanding of the logs.

Feb 17 09:40:55 tokenesb01 auth|security:notice su: from root to mqm at /dev/tty??
Feb 17 09:41:25 tokenesb01 auth|security:notice su: from root to db2insp3 at /dev/tty??
Feb 17 09:41:32 tokenesb01 auth|security:notice su: from root to mware at /dev/tty??

Also provide me with any possible links on the above log fields

Require your immediate reply
 
Old 08-24-2012, 05:58 AM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 1,915

Rep: Reputation: Disabled
My knowledge of AIX is quite limited (and somewhat outdated), but syslog is more or less syslog on any *NIX system.

Examining the first line of your log file, "Feb 17 09:40:55" is obviously the date and time. The next field (tokenesb01) is the hostname.

Then follows a composite field containing what I believe to be the subsystem and category of the log entry ("auth|security") and the syslog severity level ("notice").

The next field is the name of the process generating the entry ("su"), and the remainder of the line ("from root to mqm at /dev/tty??") is the actual log entry.
 
1 members found this post helpful.
Old 08-28-2012, 05:11 AM   #3
rahul99rocks
LQ Newbie
 
Registered: Aug 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
Hi, thanks for your help. Can u plz tell me what does "mqm", "db2insp3" and "mware" stand for????
 
Old 08-28-2012, 12:08 PM   #4
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 1,915

Rep: Reputation: Disabled
They are user names. The log entries occur because root (or a process running as root) is using "su" to change into other user identities.

This could be perfectly normal. Check the documentation for the software using the respective accounts accounts, because they don't seem to be regular user accounts (a quick Google search revealed that "mqm" is probably related to WebSphere MQ Workflow or WebSphere Process Server, i'm willing to bet that "db2insp" has something to do with db2, but I have no suggestions as to what "mware" could be).
 
1 members found this post helpful.
Old 08-28-2012, 11:39 PM   #5
rahul99rocks
LQ Newbie
 
Registered: Aug 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thank you Olmy.. Will check into that and will get back if I have any more queries..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Sort certain field but preserve other field data akeka Programming 2 05-21-2012 04:01 PM
[SOLVED] Count occurrence of character in field and print in a new field Trd300 Linux - Newbie 5 03-21-2012 07:57 PM
[SOLVED] awk: how to print a field when field position is unknown? elfoozo Programming 12 08-18-2010 03:52 AM
awk printing from Nth field to last field sebelk Programming 2 01-08-2010 09:39 AM
php question, how do I get a return from a field within a field? cherrington Programming 11 04-29-2009 01:27 AM


All times are GMT -5. The time now is 02:40 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration