sulog - su command log file
The sulog file is a record of all attempts by users on the system to execute the su(1M) command. Each time su(1M) is executed, an entry is added to the sulog file.
Each entry in the sulog file is a single line of the form:
SU date time result port user-newuser
dateThe month and date su(1M) was executed. date is displayed in the form mm/dd where mm is the month number and dd is the day number in the month.
timeThe time su(1M) was executed. time is displayed in the form HH/MM where HH is the hour number (24 hour system) and MM is the minute number.
resultThe result of the su(1M) command. A + sign is displayed in this field if the su attempt was successful; otherwise a - sign is displayed.
portThe name of the terminal device from which su(1M) was executed.
userThe user id of the user executing the su(1M) command.
newuserThe user id being switched to with su(1M).
Example 1 A sample sulog file.
Here is a sample sulog file:
SU 02/25 09:29 + console root-sys SU 02/25 09:32 + pts/3 user1-root SU 03/02 08:03 + pts/5 user1-root SU 03/03 08:19 + pts/5 user1-root SU 03/09 14:24 - pts/5 guest3-root SU 03/09 14:24 - pts/5 guest3-root SU 03/14 08:31 + pts/4 user1-root
/var/adm/sulogsu log file
/etc/default/sucontains the default location of sulog
|SunOS 5.11||sulog (4)||6 Jun 1994|