Manage wtmp Log Size In Aix

1. CONVERT WTMP FILE TO A  TEXT FILE AND REMOVE UNWANTED ENTRIES.


Covert the wtmp file to readable ascii text file:

/usr/sbin/acct/fwtmp < /var/adm/wtmp > /tmp/wtmp.ascii.txt
We can calculate number of lines of wtmp.ascii.txt file;

# cat /tmp/wtmp.ascii.txt|wc -l
    3010110

See... how big it is!

We can use text editor such as vi editor or other text editor to remove unwanted entry from this wtmp.ascii.txt file. However, if the file is too big, some text editor software is unable to open it.

As an option, we can keep only last 1,500,500 lines (it is my number, you can choose your number yourself);

tail -1500500 /tmp/wtmp.ascii.txt >> /tmp/wtmp.ascii2.txt

We might edit the smaller wtmp.ascii2.txt file using text editor.

2. CONVERT THE TEXT FILE BACK TO WTMP FORMAT AND COPY TO THE DEFAULT LOCATION

Use the trimmed file.

/usr/sbin/acct/fwtmp -ic < tmp/wtmp.ascii2.txt> /var/adm/wtmp


3. REMOVE TEMPORARY FILES (optional).

rm /tmp/wtmp.ascii.txt

rm /tmp/wtmp.ascii2.txt

4. WE CAN COMPRESS WTMP LOG

cp /var/adm/wtmp /tmp

compress /tmp/wtmp

or gzip -9 /tmp/wtmp
cp /tmp/wtmp.Z /var/adm/

cp /dev/null /var/adm/wtmp

Comments

Post a Comment

Popular posts from this blog

Forgot EVA Command View admin userid/password

Image
How to change or recover HP EVA Command View userid/password? You are the new system engineer and you want to manage one HP Storageworks using EVA Command View but you dont have an id/password for it. You can simply change the id/password of it, provided you have an administrator id (regardless it is domain/local admin) for the server where the EVA Command View is installed. Find the local user account for that particular machine and look for HP Storage Admins group. Check the properties and find out who is the member of that group. As example below, eva is the userid I am looking for. You can change the password of this userid or you can even add a new member for this group. Now, you can login into EVA Command View using this id and new password.
Read more

DB2 related

The following notes are for myself only. Whoever happened to accidentally read these notes, please do not ask any question. SQL2413N Online backup is not allowed because the database is not recoverable or a backup pending condition is in effect. Explanation Online backup cannot be performed while the database is not logging for forward recovery as forward recovery will be required at restore time. Forward recovery is placed into effect by setting either the database configuration LOGARCHMETH1 or LOGARCHMETH2 and then performing an offline backup of the database. User response Execute an offline backup or reconfigure the database for roll-forward recovery and issue an offline backup so that subsequent online backups will be allowed. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ The operation failed because the specified database cannot be connected to in the mode requested.  SQLSTATE=57019 Resolving the problem The issue can be addressed by usin...
Read more