Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Unix system history log

Posted on 2004-04-02
5
Medium Priority
?
326 Views
Last Modified: 2006-11-17
Hi, all,
  We are using Compaq Thru 64 machine and if we hope to know how many times we restart that machine or when did we restart it in the past 1 month, which log file can give us these information?
  On the other hand, if we hope to know what settngs were changed in the past 1 month, which log info we can clear understand?
  Thanks a lot.
0
Comment
Question by:chen0426
5 Comments
 
LVL 18

Accepted Solution

by:
liddler earned 252 total points
ID: 10739330
last |grep boot
gives system boot times

Which systems settings do you mean?  Most are held in files in /et/ so an ls -l will give you the modification times on the files
0
 
LVL 62

Expert Comment

by:gheist
ID: 10747067
Most likely system was not restarted last month.
uptime command outputs time since last boot.
System reboots are logged into utmp/wtmp files, and best seen with last command.(but you can reboot without logging too...)
If you want to know a bit more about running processes you can enable process accounting by running (as root) /usr/sbin/acct/turnacct on, and looking into turnacct manual page for analysis tools for gathered data.


For file alterations - make a script which copies files you consider holding configurations into shadow subtree, and  then simply run diff utility, which even shows files changed.
For binary config files - extract data in text form or use checksums (no information what has changed then).
Since you write script on your own, you have much flexibility, like mailing/logging script results, reverting config file to previous version(s) with ease etc...
0
 

Assisted Solution

by:charlie250
charlie250 earned 248 total points
ID: 11020921
There are a number of ways..
1. Add a command to the system startup to append the date /time to a file (making sure the file is in a filesystem that is mounted at the time!)

2. The data is already there if you go looking for it..
You can use (as root)  uerf -R |more and look for event 300

The above will work as long as you don't remove system log information.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month13 days, 8 hours left to enroll

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question