SUDO error log format

[ian Laing]

Hi,

Environment: AIX 4.3.3, AIX 5.1, AIX 5.2, SUDO 1.6.7

I log all sudo activity locally on each host where sudo is installed, but
want to also periodically collect these local logs centrally and merge them
into one large sudo log so I can have an enterprise overview of sudo use
(daily and/or on demand).

To fit in best with the other logs where I adopt this approach, I'd like
sudo to log at source with a sortable date, followed by the time, the host,
the invoking userid and the sudo specific message and that way I can
sort/merge the sudo log into some of our other home grown logs.

Message logs we generate from scripts have a format, for example, of
"2003.06.23 23:15:22 HOSTA USERB message..."

A simple sort then sorts multiple host logs into a single "time line".

I can "hack" the code to change the date/message format but then would need
to (re)apply that hack on every upgrade (or do I?), or, I can take the easy
way out and reformat the sudo log after collecting the native formatted
files (but then that "wastes" cpu time and adds extra response time.)

Is there anthing in sudo already to help me, or any other work I can pick up
on?

Perhaps I can "fiddle" with my LANG variable settings to change the date
format (?) but then if that were possible that means there my be several
styles of date in any log depending on the users individual LANG settings.

Cheerio,
ian Laing



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.491 / Virus Database: 290 - Release Date: 6/18/03