parsing log entries

bos worth bosworth2020 at yahoo.com
Mon Dec 3 16:09:03 GMT 2001


Hello,

I'm working up a script to produce some usage reports
for logon/off data to help assess how people are using
the system.

The log files contain nice connection entries with the
data, username and service.  The log off entries are
less descriptive showing only the data, machine and
service.  Still, that's enough to go back and verify
which entry it came from so I can see when connections
begin and end.

Unfortunately if something catastrophic happens the
log entry only contains the error from
read_socket_data and a notice that the operation timed
out.  There is no subsequent entry to indicate the
user/machine pair or what service was disconnected.

Is there a way to obtain this information or deal with
it so we can produce reliable reports later?  I can
make some good assumptions but what happened when I
see these entries and know which service was actually
being referred to but it would be a lot easier to rip
through the data if there was a some unique
identifiers linking the connection start and close
entry in the event of an error.

Thanks,

Bosworth

__________________________________________________
Do You Yahoo!?
Buy the perfect holiday gifts at Yahoo! Shopping.
http://shopping.yahoo.com




More information about the samba mailing list