SGI Enlighten DSM 3.1

home *** CD-ROM | disk | FTP | other *** search

/ SGI Enlighten DSM 3.1 / SGI EnlightenDSM 3.1.iso / SCO5X / EMD / bin / e_audit_report < prev next >

Wrap

Text File | 1999-04-16 | 4KB | 253 lines

#!/bin/sh # Copyright (c) 1990-1999 Enlighten Software Solutions, Inc. # -- All Rights Reserved -- OSNAME=`uname -s` EMDDIR=`egrep "emd_dir=" /etc/enlighten | cut "-d=" -f2 - ` EDATE=$EMDDIR/bin/e_date DBIF=$EMDDIR/informix/bin/dbaccess DBNAME=enlighten TBLNAME=audit_log_tbl totalinput=$# managednum=0 usernum=0 guinum=0 argmt=0 value=0 where=0 flag=0 case $OSNAME in AIX) AWK=nawk;; HP-UX) AWK=awk;; IRIX*) AWK=nawk;; SunOS) AWK=nawk;; esac incrargmt() { argmt=`expr $argmt + 1`; } incrvalue() { value=`expr $value + 1`; } addparen() { sqlstmt="$sqlstmt)"; } appendstmt() { if [ $where -eq 1 ]; then sqlstmt="$sqlstmt and" else where=1 sqlstmt="$sqlstmt where" fi; } createlist() { if [ $1 -eq 1 ]; then sqlstmt="$sqlstmt," elif [ "$2" = "guinum" ];then guinum=1 sqlstmt="$sqlstmt guihost in (" elif [ "$2" = "managednum" ]; then managednum=1 sqlstmt="$sqlstmt targethost in (" elif [ "$2" = "usernum" ]; then usernum=1 sqlstmt="$sqlstmt usr in (" fi } while [ $# -gt 0 ] do case $1 in -from) arg=-from incrargmt;; -to) arg=-to incrargmt;; -guihost) arg=-guihost incrargmt;; -managedhost) arg=-managedhost incrargmt;; -dsmuser) arg=-dsmuser incrargmt;; *) case $arg in -from) fromtime=$fromtime" $1";; -to) totime=$totime" $1";; -guihost) guihost=$guihost" $1";; -managedhost) managedhost=$managedhost" $1";; -dsmuser) dsmuser=$dsmuser" $1";; esac;; esac shift done sqlstmt='select * from '$TBLNAME if [ "$fromtime" ]; then if [ $ "$fromtime" = " Beginning" $ -o $ "$fromtime" = " beginning" $ ]; then incrvalue else fromempty=`$EDATE -s $fromtime` if [ "$fromempty" ]; then incrvalue appendstmt sqlstmt="$sqlstmt timestamp >= $fromempty" fi fi fi if [ "$totime" ]; then if [ $ "$totime" = " Now" $ -o $ "$totime" = " now" $ ]; then incrvalue else toempty=`$EDATE -s $totime` if [ "$toempty" ]; then incrvalue appendstmt sqlstmt="$sqlstmt timestamp <= $toempty" fi fi fi if [ "$guihost" ]; then incrvalue appendstmt for GH in $guihost do createlist $guinum guinum sqlstmt="$sqlstmt '$GH'" done addparen fi if [ "$managedhost" ]; then incrvalue appendstmt for MH in $managedhost do createlist $managednum managednum sqlstmt="$sqlstmt '$MH'" done addparen fi if [ "$dsmuser" ]; then incrvalue appendstmt for USER in $dsmuser do createlist $usernum usernum sqlstmt="$sqlstmt '$USER'" done addparen fi sqlstmt="$sqlstmt order by timestamp" if [ $argmt -eq 0 ]; then if [ $value -eq 0 ]; then if [ $totalinput -gt 0 ]; then flag=1 fi fi fi if [ $ $argmt -ne $value $ -o $ $flag -eq 1 $ ]; then echo "" echo "usage:" echo "e_audit_report [-from time-string | beginning]" echo " [-to time-string | now]" echo " [-guihost hostname]" echo " [-managedhost hostname]" echo " [-dsmuser username]" exit 1 fi name=`id | grep root` sudb="su - dbenl" if [ "$name" ]; then echo "$sqlstmt" | $sudb -c "$DBIF $DBNAME - 2> /dev/null" | $AWK -v e_date=$EDATE ' BEGIN { FMTSTR = "%-26s %-22s %-20s %s\n"; HEADING = "%-26s %-22s %-20s %-40s\n"; printf(HEADING, "Time", "User@Host", "Target Host", "Event"); printf(HEADING, "--------------------------", "----------------------", "--------------------", "----------------------------------------"); } NF == 0 { next } $1 ~ /timestamp/ { cmd = e_date" -d " strip_field_one($0) cmd | getline timestamp } $1 ~ /targethost/ { targethost = strip_field_one($0) } $1 ~ /guihost/ { guihost = strip_field_one($0) } $1 ~ /usr/ { usr = strip_field_one($0) } $1 ~ /msg/ { msg = strip_field_one($0); who = usr "@" guihost recnum++ printf(FMTSTR, timestamp, who, targethost, msg ); close(cmd) } END { printf("\n"); printf("Total number of records: %d\n", recnum); } function strip_field_one(s) { n = split(s, a); t = ""; for (i=2; i<=n; i++) { t = t a[i]; if (i < n) { t = t " "; } } return t; }' else echo "Root permission required to run script." exit 1 fi