Sponsored Content
Top Forums UNIX for Dummies Questions & Answers Severity Level in syslog.conf Post 11781 by LivinFree on Wednesday 12th of December 2001 03:02:08 AM
Old 12-12-2001
Also, see if your system supports btmp. It's kind of like wtmp, but for bad logins. You can usually test this by finding your wtmp file (in my case it's in /var/log), and :
Code:
touch /var/log/btmp

Now try opening another session to your box, and purposely fail to provide the correct password. If the file grows in size, you're now keeping track of failed logins.

Although:
You must be careful who has the ability to read this file... A common scenario is when you accidentally put your password in as your username... someone who reads that file can keep an eye out for that.
 

10 More Discussions You Might Find Interesting

1. Red Hat

syslog.conf

Hi all I have a RedHat Linux AS2.1 server that keep crashing/rebooting and there are no messages in the /var/log/messages file pointing to any problems. I had a look at the /etc/syslog.conf file to see what gets logged to /var/log/messages, but I don't know what else to add. Can anyone tell me... (1 Reply)
Discussion started by: soliberus
1 Replies

2. HP-UX

Event Monitor notification : Severity Serious : what does that mean ???

Hi I received this mail (root) on my hp-ux 11.00. >------------ Event Monitoring Service Event Notification ------------< Notification Time: Thu Mar 22 08:41:28 2007 hostname sent Event Monitor notification information: /storage/events/disks/default/0_0_1_1.0.0 is >= 3. Its current value... (6 Replies)
Discussion started by: touny
6 Replies

3. Linux

SYSLOG.CONF another port

Hi everybody, i have a little problem... I have two server srv01 and srv02. srv02 have a syslogd server onboard and listen on 515... not on 514 (it's busy). How i configure the syslog.conf of srv01 for send logs on srv02:515 ??? Now i have on srv01: *.* @srv02 if i write: *.* ... (0 Replies)
Discussion started by: Zio Bill
0 Replies

4. Solaris

syslog-ng.conf

Has anyone here configured a central syslog server using syslog-ng ? I have set one up and I'm trying to tune the syslog-ng.conf file, both for the server and the client. I have found lots of linux example files, but not much on Solaris which is slightly different. So if you have a Solaris... (5 Replies)
Discussion started by: Tornado
5 Replies

5. Solaris

Want to know about a entry in syslog.conf

Hi Everyone, I just wanted to know about the below entry in syslog.conf in Solaris 10: kern.notice @destserver Now the log will be redirected to destserver. But I want to know the location on the destserver where this log will be thrown. Thanks in Advance, Deepak (4 Replies)
Discussion started by: naw_deepak
4 Replies

6. UNIX for Advanced & Expert Users

Modifying syslog.conf

I have a RHEL box that I want to be the loghost for all of the other systems on my network and have set up a /logs partitions to hold all of the logs. I've also created a file called current.log that will contain daily logs and created it using the following command: cp /dev/null current.log. ... (4 Replies)
Discussion started by: goose25
4 Replies

7. Shell Programming and Scripting

syslog.conf

How can i configure messages with warn priority to be logged in /var/log/mywarnings.log ? (1 Reply)
Discussion started by: g0dlik3
1 Replies

8. Solaris

best configuration for syslog.conf

I would like to configure the syslog.conf to have a good monitoring information about my system. do you have any idea about best configuration from your experience in your Data Centers BR, (5 Replies)
Discussion started by: maxim42
5 Replies

9. Red Hat

Configuring syslog.conf

Hi, I would like to configure syslog linux client, syslog server is windows server. so adding on linux client in /etc/syslog.conf @hostname will work in the place of directory location. example of /etc/syslog.conf # Log all kernel messages to the console. # Logging much else clutters up... (2 Replies)
Discussion started by: manoj.solaris
2 Replies

10. Solaris

Which are the available entries to forward syslog in syslog.conf?

Hi Community Which are the available entries to forward syslog in syslog.conf i have put *.err;kern.debug;daemon.notice;mail.crit;user.alert;user.emerg;kern.notice;auth.notice;kern.warning @172.16.200.50 and it's not going through.giving error message like below: syslogd:... (2 Replies)
Discussion started by: bentech4u
2 Replies
LAST, LASTB(1)							   User Commands						    LAST, LASTB(1)

NAME
last, lastb - show a listing of last logged in users SYNOPSIS
last [options] [username...] [tty...] lastb [options] [username...] [tty...] DESCRIPTION
last searches back through the /var/log/wtmp file (or the file designated by the -f option) and displays a list of all users logged in (and out) since that file was created. One or more usernames and/or ttys can be given, in which case last will show only the entries matching those arguments. Names of ttys can be abbreviated, thus last 0 is the same as last tty0. When catching a SIGINT signal (generated by the interrupt key, usually control-C) or a SIGQUIT signal, last will show how far it has searched through the file; in the case of the SIGINT signal last will then terminate. The pseudo user reboot logs in each time the system is rebooted. Thus last reboot will show a log of all the reboots since the log file was created. lastb is the same as last, except that by default it shows a log of the /var/log/btmp file, which contains all the bad login attempts. OPTIONS
-a, --hostlast Display the hostname in the last column. Useful in combination with the --dns option. -d, --dns For non-local logins, Linux stores not only the host name of the remote host, but its IP number as well. This option translates the IP number back into a hostname. -f, --file file Tell last to use a specific file instead of /var/log/wtmp. The --file option can be given multiple times, and all of the specified files will be processed. -F, --fulltimes Print full login and logout times and dates. -i, --ip Like --dns , but displays the host's IP number instead of the name. -number -n, --limit number Tell last how many lines to show. -p, --present time Display the users who were present at the specified time. This is like using the options --since and --until together with the same time. -R, --nohostname Suppresses the display of the hostname field. -s, --since time Display the state of logins since the specified time. This is useful, e.g., to easily determine who was logged in at a particular time. The option is often combined with --until. -t, --until time Display the state of logins until the specified time. --time-format format Define the output timestamp format to be one of notime, short, full, or iso. The notime variant will not print any timestamps at all, short is the default, and full is the same as the --fulltimes option. The iso variant will display the timestamp in ISO-8601 format. The ISO format contains timezone information, making it preferable when printouts are investigated outside of the system. -w, --fullnames Display full user names and domain names in the output. -x, --system Display the system shutdown entries and run level changes. TIME FORMATS
The options that take the time argument understand the following formats: YYYYMMDDhhmmss YYYY-MM-DD hh:mm:ss YYYY-MM-DD hh:mm (seconds will be set to 00) YYYY-MM-DD (time will be set to 00:00:00) hh:mm:ss (date will be set to today) hh:mm (date will be set to today, seconds to 00) now yesterday (time is set to 00:00:00) today (time is set to 00:00:00) tomorrow (time is set to 00:00:00) +5min -5days NOTES
The files wtmp and btmp might not be found. The system only logs information in these files if they are present. This is a local configu- ration issue. If you want the files to be used, they can be created with a simple touch(1) command (for example, touch /var/log/wtmp). FILES
/var/log/wtmp /var/log/btmp AUTHOR
Miquel van Smoorenburg <miquels@cistron.nl> AVAILABILITY
The last command is part of the util-linux package and is available from Linux Kernel Archive <https://www.kernel.org/pub/linux/utils/util- linux/>. SEE ALSO
login(1), wtmp(5), init(8), shutdown(8) util-linux October 2013 LAST, LASTB(1)
All times are GMT -4. The time now is 02:51 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy