Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: User History and commnad log
Top Forums UNIX for Dummies Questions & Answers User History and commnad log Post 302165966 by otheus on Sunday 10th of February 2008 06:35:44 AM
Old 02-10-2008
Use "last" to see who's logged in
The command you want is "last". It uses the information from wtmp, which after 30 days gets moved to /var/adm/wtmpx.1 or something like that.

Use last by itself to get the standard report. Remote logins will have the IP address in the 3rd column. (Locally spawned sessions, ie, Xterms or virtual terminals will not have an IP address.) Use -f filename to use the older wtmpx file.

As the previous poster hinted at, hackers may be able to cover their tracks, so this only helps with authorized access. To cross-reference, you can also look at the logs from /var/adm/messages*. To enable more verbosity in log messages, you should tweak entries in both /etc/pam.conf, /etc/syslogd.conf, and /etc/ssh/sshd.conf.
 

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How to delete history for a particular user

Hi All, Whenever I log in to my terminal and execute some cmds and then I type "history", I get the list of all the commands that I have executed. I want to know where is the history been stored (any path location ?) Secondly,if I want to delete the history or some part of the history, can... (9 Replies)
Discussion started by: shubhranshu
9 Replies

2. UNIX for Advanced & Expert Users

How to access all user history file

Team , using fc command we can get details of our history file .. Is it possible to get the same result for different user from root.. Actually I need to collect all the stuff from select users history file for day to day basis. thanks in advance .. (2 Replies)
Discussion started by: rgpai9972
2 Replies

3. UNIX for Dummies Questions & Answers

User History

How do I pipe serveral commans that will list only the user ids, sort the output, and remove any duplice name entries for those that have logged in in the past month? Thanks! (1 Reply)
Discussion started by: CasperQuiet
1 Replies

4. Shell Programming and Scripting

access user history as root

Hi, I need to access a user's command history. However, the dilemma is that he is logged in and so his current history is not yet flushed to .bash_history file which gets flushed when he logs out. Is there a way I can still access his most recent history? thank you, S (4 Replies)
Discussion started by: sardare
4 Replies

5. Solaris

Command History for a user with IP details

Hi We are sharing our envoirnment with our component teams. the plateform is SunOS 5.8 Generic_117350-41 sun4u sparc SUNW,Sun-Fire-V490. All team logs in the domain with same user and perform activities. Now for the system auditing purpose can somebody guide me how can I get the details when... (6 Replies)
Discussion started by: sukhvinder_Tm
6 Replies

6. UNIX for Advanced & Expert Users

History to Another file [local user history , but root access]

Hi all, My need is : 1. To know who , when , which command used. 2. Local user should not delete this information. I mean , with an example , i can say i have a user user1 i need to give all the following permissions to user1, : a. A specific directory other than his home... (3 Replies)
Discussion started by: linuxadmin
3 Replies

7. Shell Programming and Scripting

command history of a particular user in a multiuser environment

Is it possible to find out the history of recently typed in commands of a particular user in a multi user system? the history command expects a numeric argument with it. is it possible to find out the history o commands of a particular user say John_smith for example? (2 Replies)
Discussion started by: arindamlive
2 Replies

8. UNIX for Dummies Questions & Answers

History to Another file [local user history , but root access]

Hi all, My need is : 1. To know who , when , which command used. 2. Local user should not delete this information. I mean , with an example , i can say i have a user user1 i need to give all the following permissions to user1, : a. A specific directory other than his home... (1 Reply)
Discussion started by: sriky86
1 Replies

LEARN ABOUT CENTOS

doveadm-log

DOVEADM-LOG(1)							      Dovecot							    DOVEADM-LOG(1)

NAME

       doveadm-log - Locate, test or reopen Dovecot's log files

SYNOPSIS

       doveadm [-Dv] log errors [-s min_timestamp]
       doveadm [-Dv] log find [directory]
       doveadm [-Dv] log reopen
       doveadm [-Dv] log test

DESCRIPTION

       The  doveadm  log commands are used to locate and reopen the log files of dovecot(1).  It's also possible to test the configured targets of
       the *log_path settings.

OPTIONS

       Global doveadm(1) options:

       -D     Enables verbosity and debug messages.

       -v     Enables verbosity, including progress counter.

COMMANDS

   log errors
       doveadm log errors [-s min_timestamp]

       The log errors command is used to show the last	- up to 1,000 - errors and warnings.  If no output is generated, no errors  have  occurred
       since the last start.

       -s min_timestamp
	      An  integer  value, representing seconds since the epoch - also known as Unix timestamp.	When a min_timestamp was given, doveadm(1)
	      will only show errors occurred since that point in time.

   log find
       doveadm log find [directory]

       The log find command is used to show the location of the log files, to which dovecot(1) sends its log messages.	 If  dovecot(1)  logs  its
       messages  through  syslogd(8)  and doveadm(1) could not find any log files, you can specify the directory where your syslogd writes its log
       files.

   log reopen
       doveadm log reopen

       This command causes doveadm to reopen all log files, configured in the log_path, info_log_path and debug_log_path settings.  These settings
       are configured in /etc/dovecot/conf.d/10-logging.conf.
       This is for example useful after manually rotating the log files.

   log test
       doveadm log test

       This command causes doveadm to write the message "This is Dovecot's priority log (timestamp)" to the configured log files.  The used prior-
       ities are: debug, info, warning, error and fatal.

EXAMPLE

       This example shows how to locate the log files used by dovecot(1).

       doveadm log find
       Looking for log files from /var/log
       Debug: /var/log/dovecot.debug
       Info: /var/log/mail.log
       Warning: /var/log/mail.log
       Error: /var/log/mail.log
       Fatal: /var/log/mail.log

REPORTING BUGS

       Report bugs, including doveconf -n output, to the Dovecot Mailing List <dovecot@dovecot.org>.  Information about reporting bugs	is  avail-
       able at: http://dovecot.org/bugreport.html

SEE ALSO

       doveadm(1)

Dovecot v2.2							    2013-11-24							    DOVEADM-LOG(1)
All times are GMT -4. The time now is 07:33 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy