Commands
Results 1 to 7 of 7

Thread: Commands

  1. #1
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828

    Commands

    Can we audit logon and logoffs, privilege use, policy changes, object access, etc... If so how do I look at those logs?
    Share on Google+

  2. #2
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    Depends on OS, and if you have these features turned on. Logging most stuff is off by default in most Windows OS's
    Share on Google+

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    logon/logoff should be in utmp/wtmp/lastlog usually logged via syslog.

    The rest depends on MAC support.
    Oliver's Law:
    Experience is something you don't get until just after you need it.
    Share on Google+

  4. #4
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    most of the systems are Red Hat.
    Share on Google+

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Have a look in /var/log and see what info you have reporting to log files in here. Xferlog, Secure and Messages are going to be of peak interest to you. If it's not up to your needs, you can easily adjust logging in RH or any other *nix distro.

    --Th13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
    Share on Google+

  6. #6
    Junior Member
    Join Date
    May 2002
    Posts
    5
    If you're looking specifically for logins i'm guessing something in /var/log/messages would tell you something. Otherwise if it's the failed logins you're worried about, it's in /var/log/faillog
    Try checking through all the messages if it's the former because i have 4 message files in /var/log/*
    Share on Google+

  7. #7
    Banned
    Join Date
    Jun 2005
    Posts
    445
    Ummm.... don't bring up old threads?
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •