I would loke to read the WTMP file. This is a binary file in the /var/logs directory. Is there any utility which will convert this binary file to ASCII format? (1 Reply)
Here's a usefull perl script to trim the wtmp file,
in case it got too big, which happens sometimes, or got curropted (which also happens often).
You could learn from here how to parse the wtmp file...
but of course for just reading its content always simply use "last" like Neo said....
... (0 Replies)
When I type last oracle I get dates from Nov 28, 2000 all the way back to the beginning of time it seems. The 11-28-2000 entry states that Oracle is still logged in, but if you type a who, it shows only 1 entry - the currently logged in user (Me as oracle), but I logged in only minutes ago - and... (4 Replies)
I have AIX5.1
I have been trying to learn how to truncate the /var/adm/wtmp file.
I have seen several things on google actually but don't quite understand. I also searched your forums but couldn't find it.
one says this ">/var/adm/wtmp
Is that all I do?
I have a seperate question also. I was... (1 Reply)
Hi - How can I determine the time my system was last booted when my "wtmp" file is broken? (It is being cleaned out incorrectly, I'mm working on that issue)
ie
uptime shows invalid details and who -b shows "nothing at all"
is there a shutdown log somewhere that may indicat the last re-boot? (3 Replies)
Hello everyone
I have a problem with the file wtmp that is on /var/adm
This file was not on this directory (adm).
I try creating a new file with the correct rights (644) and owner (adm:adm)
but It doesnt work.
If I type the last command i get this
last
ora10g ... (4 Replies)
Hello,
Is there a difference between the following commands besides consider the file permissions?
/usr/sbin/acct/nulladm /var/adm/wtmp
>/var/adm/wtmp
cat /dev/null >/var/adm/wtmp
Today I tried the second command and it worked... (2 Replies)
Anyone got experience where wtmp logs get truncated everyday? Though sulog, failedlogin and lastlog seems to be fine.
The server uptime is 18 days running on AIX 5.3. Sorry this seems to be a generic questions but never really encountered before. (6 Replies)
Discussion started by: depam
6 Replies
LEARN ABOUT V7
utmpdump
UTMPDUMP(1) User Commands UTMPDUMP(1)NAME
utmpdump - dump UTMP and WTMP files in raw format
SYNOPSIS
utmpdump [options] [filename]
DESCRIPTION
utmpdump is a simple program to dump UTMP and WTMP files in raw format, so they can be examined. utmpdump reads from stdin unless a file-
name is passed.
OPTIONS -f, --follow
Output appended data as the file grows.
-o, --output file
Write command output to file instead of standard output.
-r, --reverse
Undump, write back edited login information into the utmp or wtmp files.
-V, --version
Display version information and exit.
-h, --help
Display help text and exit.
NOTES
utmpdump can be useful in cases of corrupted utmp or wtmp entries. It can dump out utmp/wtmp to an ASCII file, which can then be edited to
remove bogus entries, and reintegrated using:
utmpdump -r < ascii_file > wtmp
But be warned, utmpdump was written for debugging purposes only.
File formats
The only binary version of the utmp(5) is standardised. Textual dumps may become incompatible in future.
The version 2.28 was the last one that printed text output using ctime(3) timestamp format. Newer dumps use millisecond precision ISO-8601
timestamp format in UTC-0 timezone. Conversion from former timestamp format can be made to binary, although attempt to do so can lead the
timestamps to drift amount of timezone offset.
BUGS
You may not use the -r option, as the format for the utmp/wtmp files strongly depends on the input format. This tool was not written for
normal use, but for debugging only.
AUTHOR
Michael Krapp
SEE ALSO last(1), w(1), who(1), utmp(5)AVAILABILITY
The utmpdump command is part of the util-linux package and is available from Linux Kernel Archive <https://www.kernel.org/pub/linux/utils
/util-linux/>.
util-linux July 2014 UTMPDUMP(1)