How to identify all the log events/entries written to both of the files. At least is it possible to find if the security events written to the "sys" type file is a subset of all the security events written to the "sec" type file?
The suggested "punct" does not work. do I need to write python script to compare and identify the duplicate messages written to both files?
thanks. why did I receive "0" matching event after running the above suggested search. I obtained "0" matching event even after the first where, i.e. after where mvcount(punct) > 1? However, I can observe the idential log entries in the both sourcetypes (they are from differnet files).