Thanks to Ariane, Eric, and Todd
I choose Ariane solution simply because i do not have to change anyhin,
the info is already available in /var/adm/messages.
Thanks to everyone who replied.
Orig Question
I have SunOS 4.1.4, SunOS 4.1.3 and SunOS 4.1.3_U1 machines.
How do i keep track of who is using su commands on these OS.
Thanks Will summarize.
----------------------------------------------------
Replies were
All su attempts (successful or not) are logged in /var/adm/messages.
It should be trivial to write a script that will parse that file and
send you a daily report of who has done a su the previous day.
Hope that helps.
Ariane.
------------------------------------------------------------------------
--Add the following lines to /etc/syslog.conf: (those are TABS between the columns)
auth.debug /var/log/authlog auth.info /var/log/syslog auth.info /dev/console
and then kill -HUP your syslog process.
All su activity will be written to /var/log/authlog, /var/log/syslog, and /dev/console. Todd. ------------------------------------------------------------------- you should check out /var/adm/sulog
there are also so files that you may wanna look at in /etc/default/
one of them is "su" that applies.
Eric
------------------------------------------------------------------------ ----------------------------------------------- Chetan Ramanna Siemens Medical Systems Off (847) 304 7383 E-Mail chetan@sgsn01.nmg.sms.siemens.com
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:48 CDT