SULOG(5) File Formats and Configurations SULOG(5)
sulog - su command log file
/var/adm/sulog
The sulog file is a record of all attempts by users on the system
to execute the su(8) command. Each time su(8) is executed, an entry
is added to the sulog file.
Each entry in the sulog file is a single line of the form:
SU date time
result port user-newuser
where
date
The month and date su(8) was executed. date is displayed
in the form mm/dd where mm is the month number and dd is
the day number in the month.
time
The time su(8) was executed. time is displayed in the
form HH/MM where HH is the hour number (24 hour system)
and MM is the minute number.
result
The result of the su(8) command. A ` + ' sign is
displayed in this field if the su attempt was successful;
otherwise a ` - ' sign is displayed.
port
The name of the terminal device from which su(8) was
executed.
user
The user id of the user executing the su(8) command.
newuser
The user id being switched to with su(8).
Here is a sample sulog file:
SU 02/25 09:29 + console root-sys
SU 02/25 09:32 + pts/3 user1-root
SU 03/02 08:03 + pts/5 user1-root
SU 03/03 08:19 + pts/5 user1-root
SU 03/09 14:24 - pts/5 guest3-root
SU 03/09 14:24 - pts/5 guest3-root
SU 03/14 08:31 + pts/4 user1-root
/var/adm/sulog
su log file
/etc/default/su
contains the default location of sulog
su(8)
June 6, 1994 SULOG(5)
NAME
sulog - su command log file
SYNOPSIS
/var/adm/sulog
DESCRIPTION
The sulog file is a record of all attempts by users on the system
to execute the su(8) command. Each time su(8) is executed, an entry
is added to the sulog file.
Each entry in the sulog file is a single line of the form:
SU date time
result port user-newuser
where
date
The month and date su(8) was executed. date is displayed
in the form mm/dd where mm is the month number and dd is
the day number in the month.
time
The time su(8) was executed. time is displayed in the
form HH/MM where HH is the hour number (24 hour system)
and MM is the minute number.
result
The result of the su(8) command. A ` + ' sign is
displayed in this field if the su attempt was successful;
otherwise a ` - ' sign is displayed.
port
The name of the terminal device from which su(8) was
executed.
user
The user id of the user executing the su(8) command.
newuser
The user id being switched to with su(8).
EXAMPLES
Example 1: A sample sulog file.
Here is a sample sulog file:
SU 02/25 09:29 + console root-sys
SU 02/25 09:32 + pts/3 user1-root
SU 03/02 08:03 + pts/5 user1-root
SU 03/03 08:19 + pts/5 user1-root
SU 03/09 14:24 - pts/5 guest3-root
SU 03/09 14:24 - pts/5 guest3-root
SU 03/14 08:31 + pts/4 user1-root
FILES
/var/adm/sulog
su log file
/etc/default/su
contains the default location of sulog
SEE ALSO
su(8)
June 6, 1994 SULOG(5)