For ease of use, BatchLogin maintains a "LOGS" symbolic link to the last day the program executed. Each process creates two log files (As mentioned): A general "log" that shows the session as seen by the user, and a run log file that contains "most" of the text for a session (stuff that you really don't want to have to watch). Most, meaning just about everything but passwords (passwords can potentially show up in a general log file, if the expect coding is poor -- like for example, if the "log_file_on" and "log_file_off" commands don't surround password entry, which is the desirable way to do things).
The name of the general log file is log_[PID].log, where PID is the process ID of the job. The run log is always a concatenation of the word "run", the program, the password list and the process ID number.
For example: run_SHELL_foo_28023.log indicates that the "SHELL" program was run against the foo password list with a process id of 28023. Log files that end in .rsa are assymetrically encrypted with the RSA encryption algorithm and blowfish. They cannot be decrypted without access to the users' private key. This key may be moved from a server where high security of batchlogin jobs is a concern. Doing so will prevent a compromising party from being able to view log files (As well as the user, who has moved the private key to a remote system). Bear in mind that the key is still needed (without the private key, someplace, the data is useless).
# bl2 1) [ABORT] 2) CRYPT_PROGRAM 3) GUI 4) GROUPS 5) LASTLOG 6) LOGS 7) DEBUG 8) DISPLAY 9) PW_UPDATE_VARS 10) SHELL.exp Select script to execute: 6 1) [EXIT] 2) [CHANGEDIR] 3) [CRYPT_ON] 4) [RETURN] 5) run_SHELL_foo_23148.log 6) run_SHELL_WSE_22513.log Select log to view:5 "/export/home/bob/.batch2/logs/LOGS/run_SHELL_foo_23148.log" [Read only] [ The file then displays] 85 lines, 34408 characters (7400 null) Username used will be bob #################################################################### ## BatchLogin Version 2.0.1 ## Logfile /export/home/bob/.batch2/logs/2004/07/15/log_23148.log ## Outfile /export/home/bob/.batch2/logs/2004/07/15/run_SHELL_foo_23148.log ## Script SHELL.exp ## Control foo.blf #################################################################### ## PW: UPDEF=u ERRDEF=p NODEDEF=c UPTIMEOUT=5 ERRTIMEOUT=10 RUNTIMEOUT=10 #################################################################### Checking for passwd on passlist foo.blf . Loading authentication array. Control file foo.blf [ 1 of 1 ] added. Adding list USE.blf. Control file USE.blf [ 2 of 2 ] added.There two other menu options, CRYPT_ON and CHANGEDIR. The CHANGEDIR function allows the user to select log files generated on a different day. The CRYPT_ON function allows a user to select log file encryption for a single run. To permanently turn on log file encryption, the following variable should be exported in the users bltrc:
export LOG_CRYPT="| $CRYPT %s.rsa -blo"This will run the crypt program in rsa/blowfish encryption mode for log file output. Note that the command could be replaced with a user-specific string, if the user is in an daring mood and doesn't mind the output of batchlogin disappearing into a black hole a few times. This is sure to happen during debugging. Here are the specifics: Just about anything that can sit at the end of a pipe, reading from standard in, goes. The %s is replaced at run-time with the log file specification, so if the user-specific program needs the log file name this is where it goes.
# bl2 cat |grep ^DATA
Other shortcuts: bl2 view (loads the file in vi) and bl2 tail. The command "bl2 tail" will tail the current running session with a -f (follow) option turned on. This allows for real-time monitoring of a process under BatchLogin's control.