Saturday, February 16, 2008

Directories to monitor in AIX

Directories to monitor in AIX

/var/adm/sulog Switch user log file (ASCII file). Use cat, pg ormore to view it and rm to clean it out./etc/security/failedlogin Failed logins from users. Use the who commandto view the information. Use "cat /dev/null >/etc/failedlogin" to empty it,/var/adm/wtmp All login accounting activity. Use the whocommand to view it use "cat /dev/null >/var/adm/wtmp" to empty it./etc/utmp Who has logged in to the system. Use the whocommand to view it. Use "cat /dev/null >/etc/utmp" to empty it./var/spool/lpd/qdir/* Left over queue requests/var/spool/qdaemon/* temp copy of spooled files/var/spool/* spooling directorysmit.log smit log file of activitysmit.script smit log

No comments: