The New Job

So I just completed my third week at the new job. I’ve got access to a few servers and such. 

But here’s the thing. I was poking through /var/log/auth.log – it’s where every login/logout gets recorded. I first brought it up in vi and paged through and noted a lot of root activity. Some of it sudo, some of it direct root. Then I got out of vi and piped the file through grep looking for just my user id. A few of those. Ok. 

Then I did grep -v ‘username’ /var/log/auth.log|awk ‘{print $11}’

I’ll walk you through what the hell that is all doing. 

The first part that says grep -v ‘username’ – that sets up the exclusion. 

The /var/log/auth.log is the path to the file. 

Then there’s the | or pipe character. One of the cooler things about Unix/Linux is you can pipe output from one utility directly into another. So in this case I shot it to awk and used the print function to extract the 11th field of text after whitespace. That’s the user ID. 

And I noted it all came back root. So then I piped it to wc -l which wc stands for word count. Yep – all root logins, several hundred of them in fact. 

So other than root I’m the only person logging into these servers. Interesting. 

3 thoughts on “The New Job

    1. Oh no – I take the train. The commute is pretty easy. Commuter to Boston, then Red Line out to Cambridge.

      And I’ve done ugly commutes – Brookline, Needham, etc.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.