Solved

sudosh - where is the sudosh user session id?

Posted on 2011-09-28
7
995 Views
Last Modified: 2012-05-12
I see 3 separate files logged as a result of a user running sudosh

./baja10/user1-user1-script-1317161743-uzzVVVV1111XXXXX
./baja10/user1-user1-time-1317161743-uzzVVVV1111XXXXX
./baja10/user1-user1-input-1317161743-uzzVVVV1111XXXXX

The sudosh-replay command is looking for something else, some other type of file apparently.
When I do a "sudosh-replay" without any arguments to see the available sessions, I get the following message:

baja7:/home/users/sudoshlogs#: sudosh-replay
No sessions are logged in /home/users/sudoshlogs/baja7

What format do the session files have, and what are the 3 files above used for?

*script*
*time*
*input*

Do I have sudosh misconfigured?

0
Comment
Question by:sonriks
  • 4
  • 3
7 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 36717170
>> what are the 3 files above used for? <<

Those are the recordings of input/output, keyboard input, and timing information, respectively.

Did you issue "sudosh-replay" when logged in as the same user who recorded the sessions?
The location of the logfiles is user-dependent ($HOME).

To replay  recordings from a given directory  use sudosh-replay with the "-d logdir" option.

wmp
0
 
LVL 1

Author Comment

by:sonriks
ID: 36717385
I am logged on as root.

The tree for sudosh logs: /home/users/sudoshlogs/$servername (it's a nas share)

The "baja10" dir has files for all users that use sudosh on that server., i.e.

./baja10/user1-user1-script-1317161743-uzzVVVV1111XXXXX
./baja10/user1-user1-time-1317161743-uzzVVVV1111XXXXX
./baja10/user1-user1-input-1317161743-uzzVVVV1111XXXXX

When I run the command "sudosh-replay -d baja10" from /home/users/sudoshlogs dir, I get the following output

Date                Duration From         To           ID
====                ======== ====         ==           ==
09/27/2011 18:15:43 36s      rbhatia      rbhatia      rbhatia-rbhatia-1317161743-uzzVVVV1111XXXXX

Usage: sudosh-replay ID [MULTIPLIER] [MAXWAIT]
See 'sudosh-replay -h' for more help.
Example: sudosh-replay rbhatia-rbhatia-1317161743-uzzVVVV1111XXXXX 1 2

The output of the "sudosh-replay -d baja10" returns
rbhatia-rbhatia-1317161743-uzzVVVV1111XXXXX

but I don't see that file in the baja10 dir. Instead what I see are 3 files

rbhatia-rbhatia-time-1317161743-uzzVVVV1111XXXXX
rbhatia-rbhatia-input-1317161743-uzzVVVV1111XXXXX
rbhatia-rbhatia-script-1317161743-uzzVVVV1111XXXXX

So how do I run the command in the example above
Example: sudosh-replay rbhatia-rbhatia-1317161743-uzzVVVV1111XXXXX 1 2

if I can't find the argument "rbhatia-rbhatia-1317161743-uzzVVVV1111XXXXX 1 2"


0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 36717440
What you see with "sudosh-replay -d ..." is the ID of the session, not a filename.

filenames are composed of the ID and an inserted part "time"/"input"/"script"

Simply run the command suggested by sudosh-replay.

wmp



0
Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

 
LVL 1

Author Comment

by:sonriks
ID: 36717996
No such session message
********************************

baja7:/home/users/sudoshlogs#: sudosh-replay -d baja10

Date                Duration From         To           ID
====                ======== ====         ==           ==
09/28/2011 10:40:20 26m40s   akohojka     akohojka     akohojka-akohojka-1317220820-bggCCCCiiiiEEEEE

Usage: sudosh-replay ID [MULTIPLIER] [MAXWAIT]
See 'sudosh-replay -h' for more help.
Example: sudosh-replay akohojka-akohojka-1317220820-bggCCCCiiiiEEEEE 1 2


baja7:/home/users/sudoshlogs#: sudosh-replay akohojka-akohojka-1317220820-bggCCCCiiiiEEEEE 1 2
[replay.c, line 316]: sudosh-replay: no such session: akohojka-akohojka-1317220820-bggCCCCiiiiEEEEE

baja7:/home/users/sudoshlogs#: sudosh-replay baja10/akohojka-akohojka-1317220820-bggCCCCiiiiEEEEE 1 2
[replay.c, line 316]: sudosh-replay: no such session: baja10/akohojka-akohojka-1317220820-bggCCCCiiiiEEEEE

baja7:/home/users/sudoshlogs#:
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 36719124
... where is the "-d" option?

You need it for listing as well as for replaying:

sudosh-replay -d baja10 akohojka-akohojka...... 1 2
0
 
LVL 1

Accepted Solution

by:
sonriks earned 0 total points
ID: 36719442
thanks, wmp! I'm good to go now.
0
 
LVL 1

Author Closing Comment

by:sonriks
ID: 36902278
It took a little back and forth, but I finally have all the info. Again, wmp has come through for me!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
shd and spl analysis 3 92
Bash Script to Analyze Oracle Schemas 11 84
.vbs Script Not Running on Windows 10 3 66
Minimum security requirements for WiFi in GPO 10 47
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now