This repository has been archived by the owner on Feb 8, 2024. It is now read-only.
expected.output
No match for lines:
Oct 2 15:00:01 hosta CRON[3836]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 2 15:00:02 hosta CRON[3836]: pam_unix(cron:session): session closed for user root
Summaries:
Sudo usage by cmd/user/host
userb ran /usr/bin/tail /var/log/auth.log as root on hosta: 2 times
usera ran /bin/grep ssh /var/log/syslog as root on hosta: 2 times
userb ran /bin/grep -i ssh /var/log/apache2 /var/log/apparmor /var/log/apt /var/log/aptitude /var/log/aptitude.1.gz /var/log/auth.log /var/log/auth.log.0 /var/log/auth.log.1.gz /var/log/boot /var/log/btmp /var/log/btmp.1 /var/log/ConsoleKit /var/log/daemon.log /var/log/dbconfig-common /var/log/debug /var/log/dist-upgrade /var/log/dmesg /var/log/dmesg.0 /var/log/dmesg.1.gz /var/log/dmesg.2.gz /var/log/dmesg.3.gz /var/log/dmesg.4.gz /var/log/dpkg.log /var/log/dpkg.log.1 /var/log/dpkg.log.2.gz /var/log/exim4 /var/log/faillog /var/log/fsck /var/log/installer /var/log/kern.log /var/log/landscape /var/log/lastlog /var/log/lpr.log /var/log/mail.err /var/log/mail.info /var/log/mail.log /var/log/mail.warn /var/log/messages /var/log/mysql /var/log/mysql.err /var/log/mysql.log /var/log/mysql.log.1.gz /var/log/news /var/log/pycentral.log /var/log/request-tracker3.6 /var/log/syslog /var/log/syslog as root on hosta: 1 times
userb ran /bin/grep -i ssh /var/log/messages as root on hosta: 1 times
usera ran /bin/grep ssh /var/log/messages as root on hosta: 1 times
usera ran /bin/chown usera auth.log as root on hosta: 1 times
userb ran /usr/bin/head /var/log/auth.log as root on hosta: 1 times
Sudo usage by user/host
usera ran 4 sudo cmds on hosta
userb ran 5 sudo cmds on hosta