The birchstats
script is no longer supported in BIRCH. When a more robust method
for logging usage is implemented, this page will be updated.
Currently, setting $BIRCH_LOGGING has no effect.
BIRCH currently has a fairly simple method for logging usage. If the
environment varialbe $BIRCH_LOGGING is set to 1, messages listing
the userid and a date stamp will be written to
local/admin/logins.log every time a BIRCH user logs in, and to
gde.log each time a BIRCH user starts GDE. If $BIRCH_LOGGING=0,
messages are not written. This is the default.
To log or not to log
Logging will not
work if the BIRCH filesystem is mounted read-only. If
the filesystem containing BIRCH mounted read-only to other
workstations, logging will not work, and setting BIRCH_LOGGING
to 1 may prevent users from logging in! logins.log and gde.log
have the permissions rw-rw-rw-, meaning that they are
world-writeable. However, on a read-only filesystem,
Privacy/security
considerations. Since logins.log and gde.log must be
world-readable, anyone with login access to the system could
read these files. In practice, they reveal no information other
than the userid and time of login for users, so their potential
usefulness for illicit purposes is dubious.
Turning on logging
Once again: do
not
turn on logging unless the BIRCH filesystem is mounted read-write
to all workstations/servers!
That being said, uncomment the following lines
local.cshrc.source
local.profile.source
#
setenv BIRCH_LOGGING 1
#BIRCH_LOGGING=1 #export
BIRCH_LOGGING
Collating the logging data
So far, there is only a crude method for collating the data. To find
out the number of BIRCH users recorded in logins.log, go to the
local/admin directory and type:
{mira:/home/birch/BIRCH/local/admin}birchstats
logins.log Number of
logins: 18128 logins.log Number of
users: 109
The number of logins is the total number of times anyone has logged
in. The number of users is the number of unique userids found in
logins.log.
Similarly, to find the number of users of GDE,
{mira:/home/birch/BIRCH/local/admin}birchstats
gde.log Number of
logins: 3816 gde.log Number of
users: 65
Obviously, this mechanism could be a bit more sophisticated.
The right way to do this
There are a number of remote method protocols that would
provide a more secure logging mechanism, and that would probably get
around the need to mount the BIRCH filesystem read-write. The big
problem with these approaches, aside from their complexity, is that
they place more demands upon the BIRCH Administrator to know how to
implement them, and make more assumptions about the system being
used. For now, this mechanism will have to suffice.
