Sudo Report

[dninja at gmail.com (Robin Wood)]

2009/6/17 Chris Bentley <chris.bentley at sky.com>:
> Hi All,
> I need a script to check a weeks work of sudo logs in /var/adm/syslog.dated
> via a loop, this directory contains directories by date i.e Day-Month-Time
> Example
> 10-Jun-10:00
> 11-Jun-10:00
> 12-Jun-10:00
> 13-Jun-10:00
> 14-Jun-10:00
> 15-Jun-10:00
> 16-Jun-10:00
>
>
> At the moment I'm individually going into each directory and checking the
> logs and pulling out the following
>
> awk '{print$4,",",$6,","$14}' sudo.log | sort | uniq
> If anyone can direct me on who to recursively run through the directories
> and pull out the data.

Can you use the find command to get the list and then use exec to parse them?

find /var/adm/ -type f -name sudo.log -exec awk
'{print$4,",",$6,","$14}'  '{}' \; | sort -u

Robin