02-10-2011
If you are talking about failed unix logins, check out the "lastb" command.
The strategy depends on how long you keep your wtmp and btmp data files.
If you are takling about Oracle, then you'll need to locate the right log (or table) if your system maintains such records.
Last edited by methyl; 02-10-2011 at 05:40 PM..
Reason: typo
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello all, I'm new to shell scripting and want to make a script that I can write to log the users logging on and off the a unix system.
I have had a good look over the past few days to crack it, I think I am getting close.
I want a script that runs an infinite loop to check every 5 seconds... (14 Replies)
Discussion started by: noodlesoup
14 Replies
2. Shell Programming and Scripting
hi ,
I need to know commands to be used in the script to invoke batches in order from other scripts and then run those batches,and how to take those logs of those batches which fails........If anyone give me a better idea to complete this entire task in a single script... (5 Replies)
Discussion started by: gopimeklord
5 Replies
3. Shell Programming and Scripting
hi all,
I'm trying to write a script to create a file with a list of all users, their gid, gecos field and their last login time
e.g.
fairly new to scripting, this is what I've got so far
#!/bin/sh( userlist= cat /etc/passwd | awk -F: '{print $1," ",$4," ",$5}'
for name in $userlist... (3 Replies)
Discussion started by: tanngo
3 Replies
4. Shell Programming and Scripting
Dear All
I am facing a problem with my script.
I have to found the primary group of users .
So first I selected all the groups and users register from a specific user : ONE
Then I am making a file with all groups attached to the user : ONE
Then I am making a file with all... (8 Replies)
Discussion started by: Aswex
8 Replies
5. Shell Programming and Scripting
Hi,
I have a situation where I want to ignore few users from list of users and print rest of user in log file.
say, I want to ignore aaa, bbb, ccc, ddd .. ppp from list of 20 user (do not want to include)
What is the good command or any script?
Thanks in advance. (1 Reply)
Discussion started by: sumit30
1 Replies
6. Shell Programming and Scripting
hi my friends
im asking for the possibility to creat a script in ubuntu for added date to list users for doing this :
- search in debug connected user of all connected users
- if a new user is connect for the first time to my server
the script record the date of the connection and added it... (1 Reply)
Discussion started by: amzioujda
1 Replies
7. Shell Programming and Scripting
Hello All,
I am trying trying to write a shell script that will do a couple things:
1.) Identify any username that logs into the server.
2.) When the user logs out, send them an email detailing
their log in/out times, duration logged in, and what
processes they ran.
Basically,... (3 Replies)
Discussion started by: SecureScript
3 Replies
8. Shell Programming and Scripting
I admit I am terrible with scripting, so when I was asked to store users' command history lines and zip them on monthly basis what I did was to create a file "user_history_Feb" with the following contents:
Part A
# more user_history_Feb
cp -p /var/log/user_history/*history... (6 Replies)
Discussion started by: hedkandi
6 Replies
9. Shell Programming and Scripting
Is there any command that can used in Linux that export usernames and their manager's name from AD using bash shell script?
I know this can be done using powershell but I need to use Linux for this procedure. (2 Replies)
Discussion started by: dellanicholson
2 Replies
10. Shell Programming and Scripting
Hello all,
I have a task to patch red hat servers and some servers have a corrupted rpm database and return the error:
Error: rpmdb open failed
I know how to fix this when it occurs. What I'm hoping to do is scan a list of servers by IP and report back which server have this error.
... (6 Replies)
Discussion started by: greavette
6 Replies
LAST, LASTB(1) User Commands LAST, LASTB(1)
NAME
last, lastb - show a listing of last logged in users
SYNOPSIS
last [options] [username...] [tty...]
lastb [options] [username...] [tty...]
DESCRIPTION
last searches back through the /var/log/wtmp file (or the file designated by the -f option) and displays a list of all users logged in (and
out) since that file was created. One or more usernames and/or ttys can be given, in which case last will show only the entries matching
those arguments. Names of ttys can be abbreviated, thus last 0 is the same as last tty0.
When catching a SIGINT signal (generated by the interrupt key, usually control-C) or a SIGQUIT signal, last will show how far it has
searched through the file; in the case of the SIGINT signal last will then terminate.
The pseudo user reboot logs in each time the system is rebooted. Thus last reboot will show a log of all the reboots since the log file
was created.
lastb is the same as last, except that by default it shows a log of the /var/log/btmp file, which contains all the bad login attempts.
OPTIONS
-a, --hostlast
Display the hostname in the last column. Useful in combination with the --dns option.
-d, --dns
For non-local logins, Linux stores not only the host name of the remote host, but its IP number as well. This option translates the
IP number back into a hostname.
-f, --file file
Tell last to use a specific file instead of /var/log/wtmp. The --file option can be given multiple times, and all of the specified
files will be processed.
-F, --fulltimes
Print full login and logout times and dates.
-i, --ip
Like --dns , but displays the host's IP number instead of the name.
-number
-n, --limit number
Tell last how many lines to show.
-p, --present time
Display the users who were present at the specified time. This is like using the options --since and --until together with the same
time.
-R, --nohostname
Suppresses the display of the hostname field.
-s, --since time
Display the state of logins since the specified time. This is useful, e.g., to easily determine who was logged in at a particular
time. The option is often combined with --until.
-t, --until time
Display the state of logins until the specified time.
--time-format format
Define the output timestamp format to be one of notime, short, full, or iso. The notime variant will not print any timestamps at
all, short is the default, and full is the same as the --fulltimes option. The iso variant will display the timestamp in ISO-8601
format. The ISO format contains timezone information, making it preferable when printouts are investigated outside of the system.
-w, --fullnames
Display full user names and domain names in the output.
-x, --system
Display the system shutdown entries and run level changes.
TIME FORMATS
The options that take the time argument understand the following formats:
YYYYMMDDhhmmss
YYYY-MM-DD hh:mm:ss
YYYY-MM-DD hh:mm (seconds will be set to 00)
YYYY-MM-DD (time will be set to 00:00:00)
hh:mm:ss (date will be set to today)
hh:mm (date will be set to today, seconds to 00)
now
yesterday (time is set to 00:00:00)
today (time is set to 00:00:00)
tomorrow (time is set to 00:00:00)
+5min
-5days
NOTES
The files wtmp and btmp might not be found. The system only logs information in these files if they are present. This is a local configu-
ration issue. If you want the files to be used, they can be created with a simple touch(1) command (for example, touch /var/log/wtmp).
FILES
/var/log/wtmp
/var/log/btmp
AUTHOR
Miquel van Smoorenburg <miquels@cistron.nl>
AVAILABILITY
The last command is part of the util-linux package and is available from Linux Kernel Archive <https://www.kernel.org/pub/linux/utils/util-
linux/>.
SEE ALSO
login(1), wtmp(5), init(8), shutdown(8)
util-linux October 2013 LAST, LASTB(1)