Flags

-c MNCType
Filters account records by the type of MNC packet. Valid values for MNCType include MNC type identifiers, such as ip-lan, sms, ardis-tcp, or dataradio-msc. For example: wg_acct -c sms
-C
Generates a compressed format by reducing the number of columns, such as the time stamp and user ID columns.
-d
Generates a summary that is based on the IP addresses of all connected SafeLinx Clients or mobile devices.
-e End
End time for packet filter as specified by time stamps, the format of which is yymmdd[.hhmmss].
-f
Does not stop at end-of-file or end of database records, but continues running and displaying new entries as they occur (similar to tail -f).
-F OutFileName
Direct output to OutFileName. An output file that is created with the -F flag cannot be used as input for the FileName flag.
FileName
Read input from a specified file, rather than from the default. This parameter is only available when you store accounting and billing records in a file; the parameter is ignored if accounting and billing records are stored in a relational database. This file is in /var/adm/ on AIX, Linux, or Solaris. On Windows, this file is in C:\Program Files\HCL\SafeLinx Server\logs.
-h
Does not generate the column header line or the packet total summary lines. When you run wg_acct, it generates column headers on the first line and packet total summary lines at the end of the output. Use this flag to suppress the column headers and packet total summary lines.
-I
Displays connection information that is obtained at login for the WLP version, SafeLinx Client version, operating system type, and operating system description. The string N/A is inserted when the client does not provide the information. This flag must be used with the flag -T login.
-l Count
Begins processing input at packet record number Count, where Count is an integer.
-m SafeLinxClient
Filters packets for a specified IP address, where MobileClient equals a dotted decimal IP address or host name. The specified address must be a VPN address that is assigned by the Connection Manager for the current session. Host names must be resolvable to IP addresses in the DNS or local hosts file.
-M MobileMask
Filters packets from all addresses that are within the specified subnet MobileMask. This flag, which is only used with the -m flag, enables a subnet mask to be applied to the IP address specified by the -m flag.
-n
Reverse the current packet filter to display only packets that would otherwise be ignored. This flag is valid for use with other flags only, however it cannot be used with the -T flag. If you use the flag on its own or with the -T flag, an undefined result occurs.
-o OtherDevice
Filters packets for the IP address on the other end of the packet, where OtherDevice equals a dotted decimal IP address or host name. For example, if you want to see all packets that are exchanged with 38.38.130.9, specify -o 38.38.130.9.
-O OtherMask
Filters packets from all addresses that are within a subnet. This option, which is only used with the -o flag, enables a specified subnet mask, OtherMask, to be applied to the IP address specified by the -o flag.
-p Days
Purge database records that are older than the specified number of days. For example, specify wg_acct -p 90 to delete all records older than 90 days or specify wg_acct -p 0 to delete all records in all tables. Combine the p parameter with the T parameter to specify the packet type to delete. For example, to delete all records older than 30 days in the WLP data packet table, specify wg_acct -p 30 -T pkt. Or, specify wg_acct -p 0 -T session to delete all session records.
-P Platform
Filter packets to display only login records from a specified operating system type. Combine the P parameter with the T parameter to specify the packet type to display.
  • 1 - Reserved
  • 2 - Reserved
  • 3 - MAC
  • 4 - Reserved
  • 5 - Reserved
  • 6 - Windows 32-bit
  • 7 - Windows CE
  • 8 - Reserved
  • 9 - Reserved
  • 10 - Reserved
  • 11 - Reserved
  • 12 - Reserved
  • 13 - Reserved
  • 14 - Reserved
  • 15 - Linux
-s Start
Start time for packet filter as specified by time stamps, the format of which is yymmdd[.hhmmss].
-S
Does not check the version. When the SafeLinx Server starts, it inserts a version record into the log to indicate the format. If wg_acct checks this format and does not understand it, the command does not run. Use this flag to skip the version check and run the command.
-t
Generates a summary only. Rather than generating detailed line-by-line output for every packet, this flag generates a summary. The summary lists the number of bytes transmitted/received, compression, header reduction, encryption, and so forth.
-T [failedlogin | login | logout | connect | disc | session | hold | natmaps | pkt | smspkt | roam]
Filters packets by type. The default type is pkt. If you specify multiple packet types, the command uses the last one that you specify only.
-T failedlogin
Filters by packets that result from SafeLinx Client login failures. For each failed login attempt the following information is displayed: Date/Time, User, IP Address, MNC, Device, and Event.
-T login
Filters by packets that result when a SafeLinx Client establishes a connection to mobile access services. For each login attempt the following information is displayed: Date/Time, User, IP Address, MNC, Device, and Event.
-T logout
Filters by packets that result when a SafeLinx Client disconnects from mobile access services. For each logout the following information is displayed: Date/Time, User, IP Address, MNC, Device, Event Duration, PktIn, PktOut, BytIn, BytOut, DscPkt, RxmtPkt, DscByte, and RxmtByt (Dsc = discard, Rxmt = retransmit).
-T connect
Filters by packets that contain data that is related to a SafeLinx Client's connection to mobile access services. Displays records that are generated when a dial-up or http MNC based session is moved out of a short-hold state and resumed. The following information is displayed: Date/Time, User, IP Address, MNC, Device, and Event.
-T disc
Filters by packets that result from the disconnection of a dial-up connection from a modem on the mobile access services. Displays records that are generated when a dialup or http MNC session is moved into a short hold state. The following information is displayed: Date/Time, User, IP Address, MNC, Device, Event Duration, PktIn, PktOut, BytIn, and BytOut.
-T session
Filters by packets that record the duration of a session from login to logout. Displays records that are generated by all session-related events (login, logout, roam, keyrotation). The following information is displayed: Date/Time, User, IP Address, MNC, Device, Event Duration, PktIn, PktOut, BytIn, BytOut, DscPkt, RxmtPkt, DscByte, and RxmtByt (Dsc = discard, Rxmt = retransmit).
-T hold
Filters by packets that are generated when physical connections for SafeLinx Clients in short-hold mode are dropped while their login connections are maintained. Displays records that are generated when a HOLD state occurs due to drops in the line driver to a mobile network. This parameter is valid for mobitex and datatac networks only.
-T natmaps
Filters by packets that indicate the physical and virtual endpoints of application-level traffic that traverses the SafeLinx Server's network address translator resources. Applies only in environments in which network address translator resources are defined. The following information is displayed: Mobile Address, Mobile Port, NAT Address, NAT Port, DstAddress, DSTPort User, and Date/Time.
-T pkt
Filters only IP packet traffic. Each IP packet generates an accounting record that contains information about what was done to the packet, sizes, and so forth. Displays records that indicate packet destination, the effects of encryption and compression on packet size, and the actual transmission size. The following information is displayed: Date/Time, MNC, Device, IP, Red, Comp, Cryp, Fram, Sent, Other Device, and Mobile Client.
-T smspkt
Filters by SMS message packet traffic. Displays records similar to pkt except that it lists PPG-related message accounting information. The following information is displayed: Date/Time, Bearer, MType, Data, Client, and Destination.
-T roam
Filters by packets that are generated by SafeLinx Client roaming events. When the SafeLinx Client sends a request to the SafeLinx Server to roam from one interface to another, the SafeLinx Server determines whether the request is valid. If the request is valid, a roam record is generated. Displays records that are generated when a session is roamed to a new device. The following information is displayed: Date/Time, User, IP Address, MNC, Device, Event, Duration, PktIn, PktOut, BytIn, and BytOut.
-u UserID
Filters packets by a specified full distinguished name. By default, the command attempts to match the specified distinguished name exactly. For example, wg_acct -u uid=sunny,o=hcl,c=usYou can alter the default behavior by entering wildcard characters ('*'). If you use wildcards, enclose the user ID in double quotation marks (""). For example, if you specify -u "*any*" the command filters by user IDs that contain the string any.