Saturday, July 7, 2012

Appreciation 12

I would like to commend Krishna K for his very helpful and patient handling of this case. His advice has been very helpful in resolving this issue and enabled me to understand an additional issue that has been confounding me for a while. Regards,
Posted by at No comments:

Apprecition 12

This is rajagopal mailing you. Mr. Krishna Murthy – Technical Solution > Consultant gave us a excellent support for resolving this issue. > Thanks for his extensive support which helped us to proceed further in > our support project.
Posted by at No comments:

Apprecaition 11

Hello xxx This is to formally commend the professionalism and expert support delivered by KRISHNA K. He did not only resolve the issue, he also took the time to explain every step thereby ensuring knowledge transfer. We also appreciate the fact that he tailored his responses to our environment. His promptness and respect for our opinion is highly appreciated. This is the type of support we expect from HP. As a customer, I am highly satisfied.
Posted by at No comments:

Appreciation 10

While working with Krish on this case he showed prompt response as well as keeping me up to date on all issues. His emails requesting information were clear and easy to follow. His initiative to pass on the case to the higher tier support was also appreciated.
Posted by at No comments:

Appreciation 9

Hi Krishna, I'd like to thank you for your assistance with the issues we were experiencing. Your knowledge was invaluable in resolving the issues with Ignite. I'd also like to thank you for your pro active approach in chasing to obtain a speedy resolution. Thanks M.
Posted by at No comments:

Appreciation 8

I recently worked with Krishna, xxx on the above cases regarding TiCAP usage. I would like to let you know that I found them to be very helpful and knowledgeable on this subject. This could have been a very difficult case in terms of the large timescale it covers, however, the support they provided was excellent and the call was resolved very quickly and efficiently. Regards, Lee
Posted by at No comments:

Appreciation 6

Hi, I’d like to thank Krishna K for the handling of ticket in Subject. For his quick ownership, finding correct QXR and explanation of the strategy for HP-UX patching. Regards, Vladimir Drzik
Posted by at No comments:

Appreciation 7

Hi Krishna, I'd like to thank you for your assistance with the issues we were experiencing. Your knowledge was invaluable in resolving the issues with Ignite. I'd also like to thank you for your pro active approach in chasing to obtain a speedy resolution. Thanks M.
Posted by at No comments:

Appreciation5

Hello xxxx, Recently we worked with Krishna above case and following is our recommendation • A very valuable resource you have. I want to take a moment to appreciate the excellent technical support provided by Krishna. He was very patient, pleasant, helpful and had a deep knowledge of the subject matter. He is really an asset to your company. • He provide us some brilliant support and resolution towards the above cases. • He is knowledgeable and communicates well. I enjoyed working with him during the case. This is to formally commend the professionalism and expert support delivered by Krishna. He did not only resolve the issue, he also took the time to explain every step thereby ensuring knowledge transfer. His promptness and respect for our opinion is highly appreciated. This is the type of support we expect from HP. As a customer, I am highly satisfied.
Posted by at No comments:

Appreciation 4

Hello xxx I am UNIX team lead working with xxxx Corporation in , USA. I had opened CASE:xxxxx for some compliance related questions. This was extremely time sensitive. That morning I called HP support and I get chance to interact with Krishna . I have nothing but all positive things to say about my experience calling HP. This was my first time call in absence of SME from the team but I did receive a lot of comfort and confidence from Krishna to address the issue together. He worked with me as team and answered the concern exactly. He also did send me follow-up mail conversation which was extremely important to document with audit to close the compliance task. He is really valuable asset in your team."
Posted by at No comments:

Appreciation 3

Hello Recently we worked with Krishna above case and following is our recommendation • A very valuable resource you have. I want to take a moment to appreciate the excellent technical support provided by Krishna. He was very patient, pleasant, helpful and had a deep knowledge of the subject matter. He is really an asset to your company. • He provide us some brilliant support and resolution towards the above cases. • He is knowledgeable and communicates well. I enjoyed working with him during the case. Thanks & Regards
Posted by at No comments:

Appreciation2

Dear , I’m the senior UNIX Admin at Acxiom and have been dealing with one of your team; Krishna on the case detailed below. We have been extremely impressed by his quick turnaround once he took up the case – this issue had previously been “stalled” due to a disconnect between our teams. What impressed me was not his technical knowledge (although he did appear very knowledgeable) – but his understanding of our situation and the fact he took ownership of our issue and pushed it to a successful resolution. This is very welcome these days – and not common across all vendors and left a good impression of HP! Many thanks. Stewart
Posted by at No comments:

Appreciation1

Subject: FW: Issue with LVM configuration on a clustered VG, Hi there, With regards to the above case, I would be grateful if you would pass on my thanks to all the engineers specially Krishna who worked for several hours to help me out with the issue. They were very helpful, knowledgeable and worked brilliantly as a team to help resolve the problem. Excellent service! Regards, Julia
Posted by at No comments:

Wednesday, May 23, 2012

Auditing in HP-UX

suggest enabling Auditing is a better option as this will record all the information you need. You can try this in your test server to get an idea how this works and how you can then review the logs. There is several options. I suggest you check this on a test server 1st. Yes you don’t have to convert the system to ‘trusted’ mode. Here I give you an example how you can enable auditing and audit ‘root’ user. Setup the auditing logfiles. # audsys -n -N 2 -c /var/.audit/auditing -s 1000 created audit trail directory: /var/.audit/auditing auditing system started Verify the above command: # audsys auditing system is currently on current trail: /var/.audit/auditing next trail: none statistics- afs Kb used Kb avail % fs Kb used Kb avail % current trail: 1000 90 91 8912896 7740272 13 next trail: none Auditing system is actively writing to 2 file(s). Next select a user for which end-user desires to track and create an audit trail of failed logins. For example, please select the root user. secweb a terminal-based gui method can be run or use the command-line to achieve this. # secweb Using secweb here's the 1st screen shot: Auditing and Security Attributes Configuration -------------------------------------------------------------------------------- s - System Defaults - Configure system-wide values of security attributes l - Local Users - Configure per-user values of security attributes of local users e - Audit Events - Set audit state for events c - Audit System Calls - Set audit state for system calls d - View Audit Parmeters - View current audit monitor and log parameters v - View Audit Log - Filter and view contents of audit log Select l to go to the next screen which would display among other users, the root user as well: Auditing and Security Attributes Configuration-> Local Users -------------------------------------------------------------------------------- Displaying Local Users Name User Id User Values ====================================================================================================================================================== ... root 0 no <-- notice the value of "no" ... -------------------------------------------------------------------------------- x-Exit smh ESC-Back 1-Help /-Search ENTER-View Security Attributes m-Audit multiple users 2-userdb(4) Manpage Hit m to Audit multiple users . Scroll the cursor to the root user and select it by hitting the space bar, and hit a Audit selected users . The next screen will also show the command-line equivalent of achieving the above. Click ok and determine confirm success of the operation with this message: Command Successful press Enter Key to continue The next screen should now show up root as being setup to be audited: Auditing and Security Attributes Configuration-> Local Users ->Audit multiple users -------------------------------------------------------------------------------- Displaying Local Users Name User Id User Values ========================================= ============================================================================ > root 0 yes <-- notice the value of "yes" The command line equivalent for the above. #/usr/sbin/userdbset -u root AUDIT_FLAG=1 To confirm that the root user has been setup for auditing: # userdbget -u root root AUDIT_FLAG=1 Now use secweb again to select the Audit Events (e) first to select the events and then go to Audit System calls (c) and select appropriate system calls you would like to audit. #secweb Auditing and Security Attributes Configuration -------------------------------------------------------------------------------- s - System Defaults - Configure system-wide values of security attributes l - Local Users - Configure per-user values of security attributes of local users e - Audit Events - Set audit state for events c - Audit System Calls - Set audit state for system calls d - View Audit Parmeters - View current audit monitor and log parameters v - View Audit Log - Filter and view contents of audit log Select e to go to the next screen which would display events that could be audited Use m to audit multiple events and scroll and select all the events using spacebar x-Exit smh s-Audit Success Only b-Audit Both Success and Failure ESC-Back /-Search SPACE-Toggle Selection f-Audit Failure Only n-Audit Neither Success nor Failure 1-Help Then you can choose any of the options that are given above to enable to disable event/syscall. EXAMPLE: In my case I enabled the event ‘delete’ and the audit syscall ‘rmdir’ to check if root deletes any directory. Then I created a directory called test and removed it using rmdir. To view the logfiles created by the auditing subsystem: #audisp -u root E.g: #audisp -u root -c rmdir /var/.audit/auditing > /tmp/rmdir.out # more /tmp/rmdir.out Event: rmdir Time: Fri Dec 10 15:29:48 10 IST PID: 292 PPID: 26742 User/Grp: 0/3(root/sys) Groups: 3(sys), 0(root), 1(other), 2(bin), 4(adm), 5(daemon), 6(mail), 7(lp), 20(users) Effective privileges: "BASIC" Permitted privileges: "BASIC" Retained privileges: "BASIC" Audit tag: 0: -1:root:201012100857 TTY: pts/1 Return1: 0 Arg 1 (file info): given path = "/test" inode = 594 device = 64, 0x3 mode = 040755 owner uid/gid = 0/3 type = directory Similarly you can audit many events/syscall which you can view via secweb. This gives all the details you are looing for. More details refer the man page of ‘audsys’ ‘audisp’ etc Also check the admin guide.
Posted by at No comments:
Labels:

Kannada Learning

Kannad Learning :- http://kannadakasturi.com/kasturiDictionary/Searchword.asp http://kannadakasturi.com/ http://www.languageshome.com/English-Kannada.htm
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)