HP OpenVMS Systems Documentation
HP OpenVMS DCL Dictionary
Displays information about a user's batch and print jobs or about specific job entries.
SHOW ENTRY [entry-number[,...]],[job-name[,...]]
The SHOW ENTRY command displays information about a user's batch and print jobs or about specific job entries.
$ SHOW ENTRY/BY_JOB_STATUS=RETAINED Entry Jobname Username Blocks Status ----- ------- -------- ------ ------ 422 FORECAST JONES Retained on completion On stopped generic batch queue CLUSTER_BATCH Completed 21-DEC-2001 16:18 on queue NODE_BATCH
In this example, the SHOW ENTRY command displays a job entry that was retained on completion.
$ SHOW ENTRY/FULL S* Entry Jobname Username Blocks Status ----- ------- -------- ------ ------ 625 STAFF ESTES 112 Pending (queue stopped) On stopped printer queue LN01$PRINT Submitted 19-DEC-2001 12:14 /FORM=LN01$PORTRAIT (stock=DEFAULT) /NOTIFY /PRIORITY=100 File: _DKA1:[ESTES]STAFF.DIS;3 629 SEARCH ESTES 94 Printing On printer queue LINE$PRINT Submitted 19-DEC-2001 12:16 /FORM=DEFAULT /NOTIFY /PRIORITY=100 /COPIES=2 /NOFEED /PASSALL File: _DKA1:[ESTES.DAILY]SEARCH.TXT;2 (printing copy 2)
In this example, the SHOW ENTRY command displays the current jobname entries beginning with the letter "S" owned by ESTES on all queues. The /FULL qualifier lists the submission information, the full file specification, and the current settings for the job.
Note that entry 629 specified the /COPIES, /NOFEED, and /PASSALL qualifiers to the PRINT command. The /NOFEED qualifier suppresses automatic form feeds. The /PASSALL qualifier suppresses formatting (including form feeds and carriage return characters) performed by the print symbiont.
$ SUBMIT ASSIGNMENTS.COM Job ASSIGNMENTS.COM (queue SYS$BATCH, entry 199) pending . . . $ SHOW ENTRY 199/FULL Entry Jobname Username Status ----- ------- -------- ------ 199 ASSIGNMENTS JONES Executing Submitted 19-DEC-2001 08:36 /KEEP /NOLOG/ NOPRINT /PRIORITY=100 File: DUA2:[JONES]ASSIGNMENTS.COM;34
In this example, JONES submits ASSIGNMENTS.COM for batch processing. Because JONES does not specify a specific queue, the job is entered into the generic SYS$BATCH queue to await processing. After performing other tasks, JONES checks the job status and sees that the file is now executing. Note that the job entry migrated from a generic to an execution batch queue and that JONES was able to check the job status without knowing the specific batch queue name. If the user did not specify an entry number, all jobs would have been displayed.
Displays the error count for all devices with error counts greater than zero.
/EXACTUse with the /PAGE=SAVE and /SEARCH qualifiers to specify a search string that must match the search string exactly and must be enclosed with quotation marks (" ").
If you specify the /EXACT qualifier without the /SEARCH qualifier, exact search mode is enabled when you set the search string with the Find (E1) key.
/FULLDisplays the error count for all devices, including those with no errors. (The error count is either zero or a number greater than zero.)
/HIGHLIGHT[=keyword]Use with the /PAGE=SAVE and /SEARCH qualifiers to specify the type of highlighting you want when a search string is found. When a string is found, the entire line is highlighted. You can use the following keywords: BOLD, BLINK, REVERSE, and UNDERLINE. BOLD is the default highlighting.
/OUTPUT=SYS$OUTPUT (default)Specifies the file to which the display is written. By default, the display is written to the current SYS$OUTPUT device.
If you enter the /OUTPUT qualifier with a partial file specification (for example, specifying only a directory), SHOW is the default file name and .LIS the default file type. The asterisk (*) and the percent sign (%) wildcard characters are not allowed in the file specification.
If you enter the /NOOUTPUT qualifier, output is suppressed.
/NOPAGE (default)Controls the display of error information on the screen.
You can use the following keywords with the /PAGE qualifier:
CLEAR_SCREEN Clears the screen before each page is displayed. SCROLL Displays information one line at a time. SAVE[= n] Enables screen navigation of information, where n is the number of pages to store.
The /PAGE=SAVE qualifier allows you to navigate through screens of information. The /PAGE=SAVE qualifier stores up to 5 screens of up to 255 columns of information. When you use the /PAGE=SAVE qualifier, you can use the following keys to navigate through the information:
Key Sequence Description Up arrow key, Ctrl/B Scroll up one line. Down arrow key Scroll down one line. Left arrow key Scroll left one column. Right arrow key Scroll right one column. Find (E1) Specify a string to find when the information is displayed. Insert Here (E2) Scroll right one half screen. Remove (E3) Scroll left one half screen. Select (E4) Toggle 80/132 column mode. Prev Screen (E5) Get the previous page of information. Next Screen (E6), Return, Enter, Space Get the next page of information. F10, Ctrl/Z Exit. (Some utilities define these differently.) Help (F15) Display utility help text. Do (F16) Toggle the display to oldest/newest page. Ctrl/W Refresh the display.
The /PAGE qualifier is not compatible with the /OUTPUT qualifier.
/SEARCH="string"Use with the /PAGE=SAVE qualifier to specify a string that you want to find in the information being displayed. Quotation marks are required for the /SEARCH qualifier, if you include spaces in the text string.
You can also dynamically change the search string by pressing the Find key (E1) while the information is being displayed. Quotation marks are not required for a dynamic search.
/NOWRAP (default)Use with the /PAGE=SAVE qualifier to limit the number of columns to the width of the screen and to wrap lines that extend beyond the width of the screen to the next line.
The /NOWRAP qualifier extends lines beyond the width of the screen and can be seen when you use the scrolling (left and right) features provided by the /PAGE=SAVE qualifier.
$ SHOW ERROR Device Error Count PNA0: 2 $1$DGA22: (AJAM PGA, ALPHAB) 1 $11$DUA1915: (HSJ018, HSJ019) 14
The SHOW ERROR command displays the error count for all devices with error counts greater than zero.
Displays the contents of the intrusion database.
Requires SECURITY privilege.
The OpenVMS system stores information in the intrusion database about login failures that originate from a specific source and that result from any number of failure types (invalid password, account expired, unknown user name). A security manager can identify possible break-in attempts by using the SHOW INTRUSION command to display the contents of the intrusion database.
The entries in the intrusion database have the following format:
Intrusion Type Count Expiration Source
The information provided in the fields in each entry is as follows:
Field Description Intrusion Class of intrusion. The type of evasive action that the OpenVMS system takes depends on the class of intrusion. Type Severity of intrusion as defined by the threshold count for login failures. Count Number of login failures associated with a particular source. Expiration Absolute time at which a login failure is no longer counted by OpenVMS. The system parameter LGI_BRK_TMO controls how long the OpenVMS system keeps track of a login failure. Source Origin of the login failure. The information provided in this field depends on the class of intrusion.
In the intrusion database, the operating system classifies login failures according to their source. The four classes of system intrusion are as follows:
Intrusion Class Description NETWORK Login failure originating from a remote node, using a valid user name. TERMINAL Login failure originating from one terminal. TERM_USER Login failure originating from one terminal, using a valid user name. USERNAME Login failure attempting to create a detached process.
The class of intrusion determines the type of information presented in the source field of the entry. Information appears in the source field in one of the following formats:
Intrusion Class Format of Source Field NETWORK node::user name TERMINAL terminal: TERM_USER terminal:user name USERNAME user name
The type of evasive action that a security manager can take is based on the type of information provided. For details on how to use this information, see the HP OpenVMS Guide to System Security.
The intrusion database contains two levels of intrusion entries: suspect and intruder. The severity level of an entry is displayed in the type field of the entry. When a login failure associated with a particular source occurs, the OpenVMS system classifies the login failure as suspect. Each succeeding login failure from the same source is counted. The login failure count is displayed in the count field of the entry. The absolute time at which the login failure ceases to be counted is displayed in the expiration field of the entry. When the number of login failures exceeds the number specified by the system parameter LGI_BRK_LIM, the entry is classified as an intruder. However, if the parameter LGI_BRK_LIM is set to zero, the first login failure is not classified as an intruder; the result is the same as if the parameter LGI_BRK_LIM were set to one.
When an entry is promoted to intruder, the OpenVMS system takes evasive action by blocking all login attempts from that particular source.
The duration of the evasive action is determined by the system parameter LGI_HID_TIM. The absolute time at which the evasive action ends is displayed in the expiration field of the entry.
For information on intrusion detection, prevention, and evasive actions, see the HP OpenVMS Guide to System Security.
If you determine that an entry in the intrusion database resulted from a user error and not a break-in attempt, you can remove an entry from the intrusion database with the DELETE/INTRUSION command. See the DELETE/INTRUSION command for more details.
/NODE[=(node-name[,...])]The /NODE qualifier displays each intrusion record with the supporting node information.
If you specify individual nodes, the supporting node information is displayed only for the nodes listed.
/OLDOn VAX, displays the contents of the old kernel mode intrusion database. The kernel mode intrusion database was used by the system and layered products prior to OpenVMS VAX Version 6.1. It is still updated by the system to provide backwards compatability to applications that have not yet converted over to using the supported system services for access to the intrusion database. Entries added directly to the old kernel mode intrusion database by applications may be examined only by using the /OLD qualifier.
/OUTPUT[=filespec]Directs the output from the SHOW INTRUSION command to the file specified with the qualifier. By default, output from the command is displayed to SYS$OUTPUT.
/TYPE=keywordSelects the type of information from the intrusion database that is displayed. The valid keywords are as follows:
ALL All entries. By default, all entries are displayed. SUSPECT Entries for login failures that have occurred but have not yet passed the threshold necessary to be identified as intruders. INTRUDER Entries for which the login failure rate was high enough to warrant evasive action.
$ SHOW INTRUSION/OUTPUT=INTRUDER.LIS
The SHOW INTRUSION command in this example writes all the entries currently in the intrusion database to the file INTRUDER.LIS.
$ SHOW INTRUSION/TYPE=INTRUDER Intrusion Type Count Expiration Source TERMINAL INTRUDER 9 10:29:39.16 AV34C2/LC-1-15: NETWORK INTRUDER 7 10:47:53.12 NODE22::RONNING
In this example, the SHOW INTRUSION command displays all intruder entries currently in the intrusion database.
$ SHOW INTRUSION/NODE NETWORK SUSPECT 5 26-JUL-2001 08:51:25.66 POPEYE::WONG Node: TSAVO Count: 2 Node: FROGGY Count: 2 Node: KITTY Count: 1
This command displays each intrusion record for all nodes.
$ SHOW INTRUSION/NODE=(FROGGY,KITTY) NETWORK SUSPECT 5 26-JUL-2001 08:51:25.66 POPEYE::HAMMER Node: FROGGY Count: 2 Node: KITTY Count: 2