03-20-2009
First find out if you have a wtmp file and whether it contains the data you require and whether it is properly maintained or left to grow.
man wtmp .
ls -la /var/adm/wtmp
If you have not got a wtmp file, you cannot run the unix "last" command.
man last.
We archive our wtmp file weekly and keep a rolling 3 months. Some systems administrators just let the file grow. A wtmp which is more than one year old gives ambiguous results from "last" because "last" does not display the year. This can be fixed by pre-processing the file with fwtmp and sed.
To check the oldest date in your wtmp file.
cat /var/adm/wtmp|/usr/sbin/acct/fwtmp|head
In general it is easier to save statistics for a day on the day the event occurred. You could save a rolling 5 days of the output from last (for today only) at 23:59 daily. This is subject to having a suitable wtmp file in the first place.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
Can I get a script to list out all the users, who has not logged on since last 90 days. Last command in not working due due to /var/adm/wtmpx is more than 2 GB.
Thanks in advance.
Regards,
Roni (10 Replies)
Discussion started by: manasranjanpand
10 Replies
2. Solaris
I need actuall script which List all inactive users who has not logged on since last 90 days
Thanks in advance.
Di! (17 Replies)
Discussion started by: haridham
17 Replies
3. Shell Programming and Scripting
Hello,
i know who command gives you the time when particular user logged in. And subtracting today's date and time from the one found in who we can get how much time user logged in. But this can get very much clumsy as we can't subtract date directly in unix . Is there any other way or command... (4 Replies)
Discussion started by: salman4u
4 Replies
4. UNIX Desktop Questions & Answers
how can i know which users have logged in at specified given start and end time in 24 hour format? (3 Replies)
Discussion started by: meherzad4u
3 Replies
5. Shell Programming and Scripting
Hello all,
I want to display all the user logged last week and know the time tnat they are connected. I have been looking for a solution in the Forum, but I didn't find.
Thanks in advance (4 Replies)
Discussion started by: ahernandez
4 Replies
6. Shell Programming and Scripting
Hi,
How to find the users who did not login into a UNIX box (thru ssh/ftp or any other way) for last 90 days?
I think of using "finger" or "last" command to findout each user's last login and then find number of days between today and that day. Is there any other better way or anyone prepared... (1 Reply)
Discussion started by: reddyr
1 Replies
7. Shell Programming and Scripting
Suppose user 'asdf' is not logged into server 'bbbb', but the server is up. User 'asdf' has cron job. Will it be executed? (1 Reply)
Discussion started by: thulasidharan2k
1 Replies
8. Red Hat
How do I confirm if a user logged in, is remote or local? In the case if the user is remote, how to be sure what authentication/method is it using, like LDAP, NIS or other? (2 Replies)
Discussion started by: kirtikjr
2 Replies
9. Shell Programming and Scripting
Dear All,
I need your help in finding out users not logged in to linux system for more than 90 days. I found a script from our forum i am getting error while using that.
from the code i have debugged line by line to see where i am getting the problem. i found out the below line i am getting... (5 Replies)
Discussion started by: Sachinlinux
5 Replies
10. Shell Programming and Scripting
help me (1 Reply)
Discussion started by: sonu pandey
1 Replies
LEARN ABOUT SUSE
time.conf
TIME.CONF(5) Linux-PAM Manual TIME.CONF(5)
NAME
time.conf - configuration file for the pam_time module
DESCRIPTION
The pam_time PAM module does not authenticate the user, but instead it restricts access to a system and or specific applications at various
times of the day and on specific days or over various terminal lines. This module can be configured to deny access to (individual) users
based on their name, the time of day, the day of week, the service they are applying for and their terminal from which they are making
their request.
For this module to function correctly there must be a correctly formatted /etc/security/time.conf file present. White spaces are ignored
and lines maybe extended with '' (escaped newlines). Text following a '#' is ignored to the end of the line.
The syntax of the lines is as follows:
services;ttys;users;times
In words, each rule occupies a line, terminated with a newline or the beginning of a comment; a '#'. It contains four fields separated with
semicolons, ';'.
The first field, the services field, is a logic list of PAM service names that the rule applies to.
The second field, the tty field, is a logic list of terminal names that this rule applies to.
The third field, the users field, is a logic list of users or a netgroup of users to whom this rule applies.
For these items the simple wildcard '*' may be used only once. With netgroups no wildcards or logic operators are allowed.
The times field is used to indicate the times at which this rule applies. The format here is a logic list of day/time-range entries. The
days are specified by a sequence of two character entries, MoTuSa for example is Monday Tuesday and Saturday. Note that repeated days are
unset MoMo = no day, and MoWk = all weekdays bar Monday. The two character combinations accepted are Mo Tu We Th Fr Sa Su Wk Wd Al, the
last two being week-end days and all 7 days of the week respectively. As a final example, AlFr means all days except Friday.
Each day/time-range can be prefixed with a '!' to indicate "anything but". The time-range part is two 24-hour times HHMM, separated by a
hyphen, indicating the start and finish time (if the finish time is smaller than the start time it is deemed to apply on the following
day).
For a rule to be active, ALL of service+ttys+users must be satisfied by the applying process.
Note, currently there is no daemon enforcing the end of a session. This needs to be remedied.
Poorly formatted rules are logged as errors using syslog(3).
EXAMPLES
These are some example lines which might be specified in /etc/security/time.conf.
All users except for root are denied access to console-login at all times:
login ; tty* & !ttyp* ; !root ; !Al0000-2400
Games (configured to use PAM) are only to be accessed out of working hours. This rule does not apply to the user waster:
games ; * ; !waster ; Wd0000-2400 | Wk1800-0800
SEE ALSO
pam_time(8), pam.d(5), pam(8)
AUTHOR
pam_time was written by Andrew G. Morgan <morgan@kernel.org>.
Linux-PAM Manual 04/01/2010 TIME.CONF(5)