Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

Sudo Report
From: dninja at gmail.com (Robin Wood)
Date: Wed, 17 Jun 2009 17:46:35 +0100

2009/6/17 Chris Bentley <chris.bentley at sky.com>:
Hi All,
I need a script to check a weeks work of sudo logs in /var/adm/syslog.dated
via a loop, this directory contains directories by date i.e Day-Month-Time
Example
10-Jun-10:00
11-Jun-10:00
12-Jun-10:00
13-Jun-10:00
14-Jun-10:00
15-Jun-10:00
16-Jun-10:00


At the moment I'm individually going into each directory and checking the
logs and pulling out the following

awk '{print$4,",",$6,","$14}' sudo.log | sort | uniq
If anyone can direct me on who to recursively run through the directories
and pull out the data.


Can you use the find command to get the list and then use exec to parse them?

find /var/adm/ -type f -name sudo.log -exec awk
'{print$4,",",$6,","$14}'  '{}' \; | sort -u

Robin


  By Date           By Thread  

Current thread:
  • Sudo Report Chris Bentley (Jun 17)
    • Sudo Report Robin Wood (Jun 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]