How to tell who logged on and off Java GUI when
Updated: 23 May 2010 | 12 comments
Hi All,
Anyone knows how to find out which user logged on/off the Java GUI, and how to find when it happened?
Eventually, my goal is to find out who made changes to which backup policies when.
I put cron, ls, bppllist together to detect changes to the class directory every day, but I could not find a way to tell when a user logs on/off Java GUI.
Well, a user logging on to the Java GUI does not necessarily mean policy change, I know, but I need something that I can use to relate the policy change timing to a username, so I thought at least I might try to extract the Java GUI user logon/logoff info.
Tried bpjava-*vc debug logs, I could not find the time users log on or off ...
So NBU gurus, please advise if you have any tips on this, thanks!
Abe
discussion Filed Under:
Comments
Maybe
Hi Abesama.
Have a look at the technote below. I think this is what you are looking for;:
How to monitor when a NetBackup policy is deleted, or when a schedule or client is deleted from a policy
Have fun !
Regards
Nicolai
Assumption is the mother of all mess ups.
If this post solved you’re questions please send a gratitude by marking it as a solution.
@ Nicolai - I already know that TN but
Thanks for the comment Nicolai, but I already saw that TN.
Reason I don't want to do that is because it only detects "delete" events, not a create event or modify event.
And it'll take even more time and effort to work out notification (email) functions out of this TN's solutioin.
More to that, it does not report on users (who made the change), either ... maybe it does ... but the first reason is the biggest one.
NOM can monotor policy changees too, but this is a multiple network, multiple masters in separate networks, NOM can't talk to them all together, so NOM is out of picture too.
:-)
Abe
Anger Management
You need NOM
Here is mine pasted below. My counterpart modified the Clients, and schedule on this policy a few min ago, and i got the alert instantly. We have issues with people having access to NetBackup and we are responsible for the system. Which is why we needed this policy change monitor thats available with NetBackup Operations Manager. It's not too much work, and the upside is huge. It does not give you the USER name but at our place it's a short list of who can change these, so we can usaually pinpoint it down to 1 person pretty easily.
Date: July 2, 2009 1:40 PM
Master Server: riuxadmin.pitts.us.respironics.com(riuxadmin)
Changed Policy Name: VCB_FC_PRD2
NOM Policy: Policy was changed
NOM Server: useucsfap8
Modified Policy Attributes : Clients, Schedules
Severity: Informational
Lead Operations Engineer
Philips IT Infrastructure
Pittsburgh, PA
@ LetThereBeZeros, NOM can't talk to multiple network's masters
My master servers are in separated networks, one NOM server can't talk to the masters at the same time, nor I want to implement one NOM server per master.
I did not mark this as solution yet I see it's marked as SOLVED with the last comment, something's going funny in this forum web page?
Abe
Anger Management
your site
Why can't NOM work at your sites?
It is designed to be able to serve multiple master servers on multiple networks.
blurb from NOM manual:
NOM lets you view the operational status and health of your distributed data
protection environment. NOM can manage and monitor dozens of
NetBackup installations spread across multiple locations from a single
point.
Bob Stump VERITAS - "Ain't it the truth?" Incorrigible punster -- Do not incorrige
@ Stumpr - the networks are separated, no connectivity
Those multiple masters in multiple networks are in separated networks each.
For example, if we install a NOM server in Symantec (yes, inside a Symantec building) will it be able to see/manage/serve a NetBackup master server in my company's data centre?
That's what I have - all my master servers are in their independent & separated networks, there is no one network (to host NOM server) that can talk to all those master servers at a time.
Of course I can access them all from my laptop, but I open VPN, I don't think NOM is intelligent enough to open a VPN session.
Abe
Anger Management
You must have a really tight
You must have a really tight security setup on your network. How do you get any work done?
I have NB masters on different networks - and yes I can get to both networks from my pc WITHOUT vpn ( I only use vpn from home). and my NOM server works just fine for both.
I don't have to know how to spell....I work on Unix.
NetBackup 7.0.1 - AIX & Windows
yes
Do you know how the firewall settings should be between the networks for NOM access?
Bob Stump VERITAS - "Ain't it the truth?" Incorrigible punster -- Do not incorrige
I regret that I do not
I regret that I do not remember what I did to make it work or even what I asked the network group to do.
I don't have to know how to spell....I work on Unix.
NetBackup 7.0.1 - AIX & Windows
@J.Hinchcliffe thanks, my answer is yes and no ...
J.Hinchcliffe, my answer is yes and no.
Yes, the networks are really separeted.
No, there are no security /firewall doing it.
I work for a company, hosting many other company's IT resource.
So, although those networks and servers do exist within the same datacentre, they are totally separated each other, that's all, no magic there.
Anger Management
@ Abesama
Whatever script, tool, product you find you will have to run for each network, then have no way to communicate back. Sounds like system administration would be a nightmare in your shoes. Good luck with solving it, and let us know how you do.
Lead Operations Engineer
Philips IT Infrastructure
Pittsburgh, PA
@LetThereBeZeros SMTP is open :-)
Thanks, LetThereBeZeros
Yes, I can't avoid running whatever script/tool/product on each master/network.
Communicate back "is possible" via SMTP protocol - email, I mean.
That's why I'm thinking of running cron'ed script on each master and send email notifications to my work email.
(Again, yes, NOM can send email, bu I explained earlier why I do not want / can not use NOM)
I found standard UNIX "ps -ef" command will reveal the bpjava-susvc session's start time and logon IDs (the line with PPID 1, there's one line per session) so I'm thinking of writing a script to run ps on regular interval and then process the output to keep track of the user logon/off time (roughly)... that's what I have found so far.
Will advise you all once I finish the script and put it in the downloads section.
*EDIT* - yes, I think I'm lucky that I do not need to worry about sys admin or network, only Backup is my job
:-)
Cheers
A
Anger Management
Would you like to reply?
Login or Register to post your comment.