Full Discussion: wtmp output
Operating Systems Linux Red Hat wtmp output Post 302645137 by Duffs22 on Wednesday 23rd of May 2012 05:04:19 AM
wtmp output

Hi,

Can anybody explain wtmp output fields?

A dir was created at 7:11pm and I wanted to find out who was logged in at that time, but as you can see there is no IP address listed when I run utmpdump against the wtmp file...

Code:
[7] [29752] [ts/3] [root    ] [pts/3       ] [89.101.216.58       ] [89.101.216.58  ] [Tue May 22 18:50:53 2012    ]
[8] [29750] [    ] [        ] [pts/3       ] [                    ] [0.0.0.0        ] [Tue May 22 18:53:58 2012    ]
[8] [28370] [    ] [        ] [pts/2       ] [                    ] [0.0.0.0        ] [Tue May 22 19:11:21 2012    ]



R,
D.
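
As an added example (not part of the original post): the eight bracketed columns are, in order, ut_type, ut_pid, ut_id, ut_user, ut_line, ut_host, ut_addr and the timestamp from utmp(5). Type 7 is a login (USER_PROCESS) and type 8 a logout (DEAD_PROCESS) whose user and host are blank in the output above, so the address has to come from the earlier type 7 record on the same line. The sketch below pairs the two; the pts/2 login line (user alice, 192.0.2.10) is constructed, and the code assumes the ctime timestamp format shown in the post.

```python
import re
from datetime import datetime

# utmpdump columns, in order, named after the struct utmp members in utmp(5).
FIELDS = ("type", "pid", "id", "user", "line", "host", "addr", "time")
USER_PROCESS, DEAD_PROCESS = 7, 8   # ut_type values from utmp(5)

# The first line is CONSTRUCTED for this example (it stands in for the missing
# pts/2 login record); the other three lines are the output quoted in the post.
SAMPLE = """\
[7] [28372] [ts/2] [alice   ] [pts/2       ] [192.0.2.10          ] [192.0.2.10     ] [Tue May 22 17:02:10 2012    ]
[7] [29752] [ts/3] [root    ] [pts/3       ] [89.101.216.58       ] [89.101.216.58  ] [Tue May 22 18:50:53 2012    ]
[8] [29750] [    ] [        ] [pts/3       ] [                    ] [0.0.0.0        ] [Tue May 22 18:53:58 2012    ]
[8] [28370] [    ] [        ] [pts/2       ] [                    ] [0.0.0.0        ] [Tue May 22 19:11:21 2012    ]
"""

def parse(text):
    """Turn utmpdump text into dicts with typed 'type', 'pid' and 'time'."""
    records = []
    for raw in text.splitlines():
        cols = [c.strip() for c in re.findall(r"\[(.*?)\]", raw)]
        if len(cols) != len(FIELDS):
            continue                      # skip damaged or foreign lines
        rec = dict(zip(FIELDS, cols))
        rec["type"], rec["pid"] = int(rec["type"]), int(rec["pid"])
        rec["time"] = datetime.strptime(rec["time"], "%a %b %d %H:%M:%S %Y")
        records.append(rec)
    return sorted(records, key=lambda r: r["time"])

def sessions(records):
    """Pair each login (type 7) with the next logout (type 8) on the same tty."""
    open_by_line, done = {}, []
    for rec in records:
        if rec["type"] == USER_PROCESS:
            open_by_line[rec["line"]] = rec
        elif rec["type"] == DEAD_PROCESS and rec["line"] in open_by_line:
            start = open_by_line.pop(rec["line"])
            done.append((start["user"], start["line"], start["host"], start["time"], rec["time"]))
    # Logins with no logout record are treated as still open (end is None).
    done += [(r["user"], r["line"], r["host"], r["time"], None) for r in open_by_line.values()]
    return done

def logged_in_at(text, when):
    """Return (user, line, host, start, end) for sessions that cover 'when'."""
    return [s for s in sessions(parse(text)) if s[3] <= when and (s[4] is None or when <= s[4])]

if __name__ == "__main__":
    for s in logged_in_at(SAMPLE, datetime(2012, 5, 22, 19, 11, 0)):
        print(s)
```

If the matching type 7 record is not in the current file, it may be in a rotated copy of wtmp, which can be dumped the same way and concatenated before parsing.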
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Need Wtmp Reader

I would like to read the WTMP file. This is a binary file in the /var/logs directory. Is there any utility which will convert this binary file to ASCII format? (1 Reply)
Discussion started by: pgold1
1 Replies

2. UNIX for Dummies Questions & Answers

manage the wtmp file

Here's a useful perl script to trim the wtmp file, in case it got too big, which happens sometimes, or got corrupted (which also happens often). You could learn from here how to parse the wtmp file... but of course for just reading its content always simply use "last" like Neo said.... ... (0 Replies)
Discussion started by: me2unix
0 Replies

3. UNIX for Dummies Questions & Answers

Resetting WTMP?

When I type last oracle I get dates from Nov 28, 2000 all the way back to the beginning of time it seems. The 11-28-2000 entry states that Oracle is still logged in, but if you type a who, it shows only 1 entry - the currently logged in user (Me as oracle), but I logged in only minutes ago - and... (4 Replies)
Discussion started by: cuppjr
4 Replies

4. UNIX for Dummies Questions & Answers

wtmp

Hi, is it ok if i delete wtmp on HPUX 11 under /var/adm It is filling up that filesystem Cheers (2 Replies)
Discussion started by: dsharples
2 Replies

5. UNIX for Dummies Questions & Answers

truncate wtmp

I have AIX5.1 I have been trying to learn how to truncate the /var/adm/wtmp file. I have seen several things on google actually but don't quite understand. I also searched your forums but couldn't find it. one says this ">/var/adm/wtmp Is that all I do? I have a separate question also. I was... (1 Reply)
Discussion started by: rocker40
1 Replies

6. Solaris

Determine last reboot when wtmp broken

Hi - How can I determine the time my system was last booted when my "wtmp" file is broken? (It is being cleaned out incorrectly, I'm working on that issue) ie uptime shows invalid details and who -b shows "nothing at all" is there a shutdown log somewhere that may indicate the last re-boot? (3 Replies)
Discussion started by: Andrek
3 Replies

7. AIX

wtmp file

Hello everyone I have a problem with the file wtmp that is on /var/adm This file was not on this directory (adm). I try creating a new file with the correct rights (644) and owner (adm:adm) but It doesn't work. If I type the last command i get this last ora10g ... (4 Replies)
Discussion started by: lo-lp-kl
4 Replies

8. AIX

Clear wtmp

Hello, Is there a difference between the following commands besides consider the file permissions? /usr/sbin/acct/nulladm /var/adm/wtmp >/var/adm/wtmp cat /dev/null >/var/adm/wtmp Today I tried the second command and it worked... (2 Replies)
Discussion started by: x_adm
2 Replies

9. AIX

Wtmp empty everyday

Anyone got experience where wtmp logs get truncated everyday? Though sulog, failedlogin and lastlog seem to be fine. The server uptime is 18 days running on AIX 5.3. Sorry this seems to be a generic question but never really encountered before. (6 Replies)
Discussion started by: depam
6 Replies
UTMPDUMP(1)                        User Commands                        UTMPDUMP(1)

NAME
       utmpdump - dump UTMP and WTMP files in raw format

SYNOPSIS
       utmpdump [options] [filename]

DESCRIPTION
       utmpdump is a simple program to dump UTMP and WTMP files in raw format,
       so they can be examined. utmpdump reads from stdin unless a filename is
       passed.

OPTIONS
       -f, --follow
              Output appended data as the file grows.

       -o, --output file
              Write command output to file instead of standard output.

       -r, --reverse
              Undump, write back edited login information into the utmp or
              wtmp files.

       -V, --version
              Display version information and exit.

       -h, --help
              Display help text and exit.

NOTES
       utmpdump can be useful in cases of corrupted utmp or wtmp entries. It
       can dump out utmp/wtmp to an ASCII file, which can then be edited to
       remove bogus entries, and reintegrated using:

              utmpdump -r < ascii_file > wtmp

       But be warned, utmpdump was written for debugging purposes only.

   File formats
       The only binary version of the utmp(5) is standardised. Textual dumps
       may become incompatible in future.

       The version 2.28 was the last one that printed text output using
       ctime(3) timestamp format. Newer dumps use millisecond precision
       ISO-8601 timestamp format in UTC-0 timezone. Conversion from former
       timestamp format can be made to binary, although attempt to do so can
       lead the timestamps to drift amount of timezone offset.

BUGS
       You may not use the -r option, as the format for the utmp/wtmp files
       strongly depends on the input format. This tool was not written for
       normal use, but for debugging only.

AUTHOR
       Michael Krapp

SEE ALSO
       last(1), w(1), who(1), utmp(5)

AVAILABILITY
       The utmpdump command is part of the util-linux package and is available
       from Linux Kernel Archive
       <https://www.kernel.org/pub/linux/utils/util-linux/>.

util-linux                           July 2014                          UTMPDUMP(1)