home *** CD-ROM | disk | FTP | other *** search
-
-
-
- ssssaaaatttt____ssssuuuummmmmmmmaaaarrrriiiizzzzeeee((((1111MMMM)))) ssssaaaatttt____ssssuuuummmmmmmmaaaarrrriiiizzzzeeee((((1111MMMM))))
-
-
-
- NNNNAAAAMMMMEEEE
- sat_summarize - generate statistics on a stream of audit records
-
- SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS
- ////bbbbiiiinnnn////ssssaaaatttt____ssssuuuummmmmmmmaaaarrrriiiizzzzeeee [ ----bbbbddddeeeelllloooottttuuuuvvvv ] [ ----zzzz ttttiiiimmmmeeeezzzzoooonnnneeee ] [ _i_n_f_i_l_e ]
-
- DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN
- _s_a_t__s_u_m_m_a_r_i_z_e prints a statistical summary of the audit trail to the
- standard output device. Data is displayed either when end of file is
- reached on input or when _s_a_t__s_u_m_m_a_r_i_z_e receives the SSSSIIIIGGGGUUUUSSSSRRRR1111 signal.
-
- Run time options determine the format of the printout and which
- statistics are presented.
-
- OOOOPPPPTTTTIIIIOOOONNNNSSSS
- ----bbbb Print statistics in brief mode (default).
-
- ----dddd Debug mode. Prints out additional information about the audit
- log file such as record and header size.
-
- ----eeee Display numbers of audit records found, by event type.
-
- ----ffff File descriptors are mapped to the filenames to which they apply
- whenever possible.
-
- ----llll Linear mode. Display the statistics in a very terse one line
- per record format.
-
- ----oooo Input (whether standard input or file input) is copied to
- standard output. This option makes it possible to use
- _s_a_t__s_u_m_m_a_r_i_z_e as one of a chain of audit tools connected by
- pipes.
-
- ----tttt Print average rate of audit trail generation, in records per
- minute, and number of audit records generated in the last
- minute.
-
- ----uuuu Display numbers of audit records found, by user.
-
- ----vvvv By default, zero valued entries from user or event lists are not
- printed. The verbose option enables printing of zero valued
- entries.
-
- ----zzzz ttttiiiimmmmeeeezzzzoooonnnneeee
- Set the timezone to that of the file.
-
- _i_n_f_i_l_e Data is taken from _i_n_f_i_l_e. If _i_n_f_i_l_e is not specified, data is
- taken, by default, from the standard input. The format of
- _i_n_f_i_l_e is identical to the output generated by _s_a_t_d(1M) and
- _s_a_t__r_e_d_u_c_e(1M).
-
-
-
-
-
- PPPPaaaaggggeeee 1111
-
-
-
-
-
-
- ssssaaaatttt____ssssuuuummmmmmmmaaaarrrriiiizzzzeeee((((1111MMMM)))) ssssaaaatttt____ssssuuuummmmmmmmaaaarrrriiiizzzzeeee((((1111MMMM))))
-
-
-
- DDDDEEEEFFFFAAAAUUUULLLLTTTT
- If no arguments are given, ----eeee is assumed. _s_a_t__s_u_m_m_a_r_i_z_e displays the
- numbers of audit records, broken down by event type.
-
- EEEEXXXXAAAAMMMMPPPPLLLLEEEE
- _s_a_t__s_u_m_m_a_r_i_z_e is ordinarily used in combination with other audit filters.
- To obtain audit records and display a complete statistical summary,
- execute this command sequence:
-
- _ssss_aaaa_tttt_dddd _----_oooo _----_ffff _////_vvvv_aaaa_rrrr_////_aaaa_dddd_mmmm_////_ssss_aaaa_tttt _|||| _ssss_aaaa_tttt______ssss_uuuu_mmmm_mmmm_aaaa_rrrr_iiii_zzzz_eeee _----_tttt _----_eeee _----_uuuu
-
-
- SSSSEEEEEEEE AAAALLLLSSSSOOOO
- audit(1M), kill(1), sat_interpret(1M), sat_reduce(1M), sat_select(1M),
- satd(1M).
-
- _I_R_I_X _A_d_m_i_n: _B_a_c_k_u_p, _S_e_c_u_r_i_t_y, _a_n_d _A_c_c_o_u_n_t_i_n_g
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- PPPPaaaaggggeeee 2222
-
-
-
-
