Hello, I'm having a hard time trying to understand the aruser.log for our AR System 6.3 p20.
I did a grep for the username dbova in the user log and here are the results: <USER> <TID: 0000000020> <RPC ID: 0032198820> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Mon Jul 20 2009 09:23:10.2993 */ BAD PASSWORD dbova <USER> <TID: 0000000020> <RPC ID: 0032198821> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Mon Jul 20 2009 09:23:10.3138 */ BAD PASSWORD dbova <USER> <TID: 0000000029> <RPC ID: 0032199153> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Mon Jul 20 2009 09:23:27.4399 */ BAD PASSWORD dbova <USER> <TID: 0000000020> <RPC ID: 0032199255> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Mon Jul 20 2009 09:23:36.2532 */ BAD PASSWORD dbova <USER> <TID: 0000000024> <RPC ID: 0032199598> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Mon Jul 20 2009 09:23:56.2039 */ FLOAT GRANT WRITE dbova (38 of 59 write) <USER> <TID: 0000000007> <RPC ID: 0032668367> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Mon Jul 20 2009 17:03:12.9913 */ FLOAT RELEASE dbova (36 used of 59 write) <USER> <TID: 0000000027> <RPC ID: 0033529071> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Tue Jul 21 2009 14:34:19.0373 */ BAD PASSWORD dbova <USER> <TID: 0000000027> <RPC ID: 0033529072> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Tue Jul 21 2009 14:34:19.0541 */ BAD PASSWORD dbova *<USER> <TID: 0000000028> <RPC ID: 0033529326> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Tue Jul 21 2009 14:34:38.2195 */ FLOAT GRANT WRITE dbova (55 of 59 write)* *<USER> <TID: 0000000022> <RPC ID: 0033761086> <Queue: List > <Client-RPC: 390620 > <USER: jsommers > /* Tue Jul 21 2009 18:30:40.0390 */ FLOAT EXPIRED WRITE dbova (43 used of 59 write) <USER> <TID: 0000000020> <RPC ID: 0034229939> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 22 2009 09:52:35.1369 */ BAD PASSWORD dbova <USER> <TID: 0000000020> <RPC ID: 0034229940> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 22 2009 09:52:35.1521 */ BAD PASSWORD dbova <USER> <TID: 0000000029> <RPC ID: 0034230096> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 22 2009 09:52:43.1851 */ BAD PASSWORD dbova <USER> <TID: 0000000021> <RPC ID: 0034230407> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 22 2009 09:53:02.2090 */ FLOAT GRANT WRITE dbova (51 of 59 write) *<USER> <TID: 0000000010> <RPC ID: 0034555266> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 22 2009 15:14:17.0209 */ FLOAT RELEASE dbova (55 used of 59 write) <USER> <TID: 0000000010> <RPC ID: 0034555266> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 22 2009 15:14:17.0334 */ FLOAT GRANT WRITE dbova (56 of 59 write) <USER> <TID: 0000000019> <RPC ID: 0034689232> <Queue: List > <Client-RPC: 390620 > <USER: rcarsten > /* Wed Jul 22 2009 17:31:04.1739 */ FLOAT EXPIRED WRITE dbova (46 used of 59 write) <USER> <TID: 0000000018> <RPC ID: 0035315632> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Thu Jul 23 2009 12:16:47.3378 */ FLOAT GRANT WRITE dbova (54 of 59 write) <USER> <TID: 0000000028> <RPC ID: 0035446462> <Queue: List > <Client-RPC: 390620 > <USER: panderson > /* Thu Jul 23 2009 14:31:29.4235 */ FLOAT EXPIRED WRITE dbova (56 used of 59 write) <USER> <TID: 0000000020> <RPC ID: 0040326962> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 29 2009 10:30:43.6971 */ BAD PASSWORD dbova <USER> <TID: 0000000020> <RPC ID: 0040326963> <Queue: Fast > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 29 2009 10:30:43.7107 */ BAD PASSWORD dbova *<USER> <TID: 0000000009> <RPC ID: 0040327172> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 29 2009 10:31:00.6144 */ FLOAT GRANT WRITE dbova (50 of 59 write) <USER> <TID: 0000000026> <RPC ID: 0040793362> <Queue: List > <Client-RPC: 390620 > <USER: ddostal > /* Wed Jul 29 2009 18:34:17.3243 */ FLOAT EXPIRED WRITE dbova (35 used of 59 write) <USER> <TID: 0000000021> <RPC ID: 0040797191> <Queue: List > <Client-RPC: 390620 > <USER: dbova > /* Wed Jul 29 2009 18:40:02.7274 */ FLOAT GRANT WRITE dbova (33 of 59 write)* <USER> <TID: 0000000028> <RPC ID: 0040970764> <Queue: List > <Client-RPC: 390620 > <USER: snoble > /* Thu Jul 30 2009 00:34:24.1687 */ FLOAT EXPIRED WRITE dbova (27 used of 59 write) Basically, I'm writing a Java program to determine a few statistics. First, the number of logins a user performs; second, the average time the user was logged in; and finally the average time the user had a write license. Everything is going well, however, I'm having a hard time determining when the user logs out. I'm referring to the lines in bold/non italic. There you see dbova logging in and grabbing a write license. Then 2.5 hours later, jsommers logged in which caused the system to initiate a flush of the memory and resulted in expiring dbova's license. The next lines, you see dbova trying to log in with a bad password and finally logs in with a write license. My question is, at what point did dbova log out? If it wasn't for the bad password attempts, I'm not sure there's a way to know. This is what the docs say about these license actions: GRANT WRITE - A connection was established for a user with a write license. RELEASE - A connection was released by exiting the client. FLUSH - A connection was released by a time-out. ADMIN RELEASE - A connection was released explicitly by an administrator. BAD PASSWORD - An attempt was made to log in as this user, but the password was invalid. NO WRITE FREE - A user with a floating write license attempted to connect. However, no floating license tokens were available. A connection was established for read access only. WRITE UPGRADE - A connection for a user was upgraded from a read connection to a write connection as a floating write license token became available. EXPIRED WRITE - A connection for a write license was released by a time-out. Some other connection is maintained, because FLUSH was not specified. As I understand it, a log out seems to be logged on a FLUSH and RELEASE. A login is logged on a GRANT WRITE and NO WRITE FREE. A WRITE UPGRADE seems to be if the user logged in and received a NO WRITE FREE and later received a write license. A EXPIRED WRITE is when the license times out but you are still connected to the system so you would drop down to a read license. Referring of the log file, it would lead me to believe that dbova was still connected to system with a read license when her write license expired. However, the following BAD PASSWORD attempts clue me in that she was reconnecting to the system. So where did she log out at? Theoretically, if she was still logged in, would the system log a WRITE UPGRADE if she performed an action that required a license? Looking further down the log file, we come to a situation where there are no BAD PASSWORD attempts. On *Jul 29 2009 @ 10:31:00.6144*, dbova logged in and was granted a write license. 8 hours later, ddostal logged in and again dbova's license had expired. 6 minutes later she was granted another write license via GRANT WRITE. Does this mean dbova logged in or were they already connected and just upgraded to a write license? The description of EXPIRED WRITE seems to indicate the user is still logged in, but with out a write license. The log, however, tells a different story. It would seem the user had already logged out by other means but the system thought they were still connected and performed an EXPIRE WRITE operation on their license instead of a FLUSH. Would you agree? Would it be incorrect to assume that the EXPIRED WRITE means a logout if proceeded by a GRANT WRITE? If the description isn't correct, what does the EXPIRED WRITE mean to the actual connection to the AR System? What is this "some other connection" the description is referring to? Not sure how many of you know the inner guts of the AR System to answer this question. I may be the only one that has discovered this as I couldn't find it in the list archives and unfortunately, the BMC knowledge base isn't expansive enough to cover a topic like this other than repeating what is in the documentation :( One last question to add, for an ADMIN RELEASE, is the connection terminated or is their license just revoked? Thanks for you help in advance if anyone can help me :) -- "A fool acts, regardless; knowing well that he is wrong. The ignoramus acts on only what he knows, but all that he knows. The ignoramus may be saved, but the fool knows that he is doomed." Bob Halstead _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor:[email protected] ARSlist: "Where the Answers Are"
