Cisco Unified MeetingPlace, Release 7.0 -- Performing a Login Audit on the Application Server

From DocWiki

Jump to: navigation, search

Main page: Cisco Unified MeetingPlace, Release 7.0

Up one page: Troubleshooting


You can use audit logs to monitor the activities and commands of users on the Application Server. The psacct utility provides audit log functions. It contains four commands: ac, lastcomm, accton, and sa.

Follow these steps to enable a login audit on the Application Server:


Procedure
  1. Go to the operating system login page.
  2. Log in as the user called root.
  3. Enter the password associated with this username.
    The system displays the operating system desktop.
  4. Choose Application > System Tools > Terminal.
    The system displays the command line.
  5. Follow the instructions in the table.


To do the following Enter this

To enable the psacct utility

chkconfig psacct on

To start the psacct utility

/etc/init.d/psacct start

To display statistics about the connect time for users

$ ac

To display previously executed user commands

$ lastcomm <user_id>

To show previous logins

last -a

For more information about a command

man <command_name>

Rating: 0.0/5 (0 votes cast)

Retrieved from "http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace,_Release_7.0_--_Performing_a_Login_Audit_on_the_Application_Server"
Personal tools