WCAT(1) User Commands WCAT(1)NAME
wcat - printout wtmp entries
SYNOPSIS
wcat [-w wtmp|-] [-adX[3|4]] [-s start] [-e end] [-b H[:M[:S]]] [--help] [--version]
SYNOPSIS
Wcat provides an easy way to recover trimmed information from wtmp binary files. This tool can be useful for scripts that need only partial
information from them.
Notice that wcat output is binary wtmp entries so if this information is printed out to a terminal or screen it might mess it up. A better
use of wcat would be: wcat | rawtmp -w -
OPTIONS -w wtmp|-
Read alternate wtmp file.
-X[3] Read tacacs 3.x wtmp format.
-X4 Read tacacs 4.0 wtmp format.
-d Output time in MMM DD HH:MM:SS date format.
-a Print contents of ut_addr (if it exists) instead of ut_host.
-s start
Display accounting info from `start'.
-e end Display accounting info up to `end'.
-b H:M:S
Show accounting info from the last few hours/minutes/seconds.
--help Print this help message.
--version
Print the version of rawtmp.
SEE ALSO sac(8), ac(1), last(1), rawtmp(1), wtmp(5), netdate(8L)FILES
/var/log/wtmp login database
/usr/adm/radacct/.../detail Radius accounting logs
AUTHOR
The upstream author of wcat is Steve Baker (ice@mama.indstate.edu)
This manpage was written by Javier Fernandez-Sanguino based on help2man for the Debian GNU/Linux distribution (but can be used by others).
wcat v1.0 (c) 2001 by Steve Baker January 2003 WCAT(1)
Check Out this Related Man Page
wtmpconvert(8) System Manager's Manual wtmpconvert(8)NAME
wtmpconvert - Modify connect time accounting records from DIGITAL UNIX releases 4.0x and prior to new format
SYNOPSIS
/usr/lbin/wtmpconvert [-vnrp?h] input_file [output_file]
OPTIONS
Restore new format to old format. Verbose. Display lines while converting. Do not preserve contents of input file. Formatted print only.
Do not convert. (May be used with the -r option). Display usage message.
DESCRIPTION
The wtmpconvert command reads records from a connect time accounting file, such as /var/adm/wtmp, and converts the record format to the
updated struct utmp format. If no output file is specified or if the output file path is identical to the input file path, wtmpconvert
makes a backup copy of the original input file using the following algorithm: If filename.orig exists. Where n is a unique number.
The wtmpconvert command attempts to detect an input file that is in the wrong format (for example, input file is already a new format
file). A warning message is issued in this case, but conversion continues.
EXIT STATUS
Success. An error occurred.
EXAMPLES
To convert an old format accounting file to the new format: wtmpconvert /var/adm/wtmp.prev
Upon completion of this command, /var/adm/wtmp.prev will have been converted to the new format. The original /var/adm/wtmp.prev is
renamed to /var/adm/wtmp.prev.orig. To convert a wtmp file in new format to the old format: wtmpconvert -r /var/adm/wtmp
/var/adm/wtmp.old
FILES
Accounting header files that define the format for the login database file. The active login/logoff database files.
SEE ALSO
Commands: acct(8), acctcon(8), acctmerg(8), date(1), runacct(8)
Functions: getutent(3)
Files: utmp(4), wtmp(4)wtmpconvert(8)
Anyone have any idea on how to display the fields for each record stored in the wtmp file using C? Am I correct in thinking that the info stored in wtmp is in binary and that utmpx will be of some help? Being a beginner, I can come up with bits and pieces of what I might need in order to do the... (1 Reply)
I have AIX5.1
I have been trying to learn how to truncate the /var/adm/wtmp file.
I have seen several things on google actually but don't quite understand. I also searched your forums but couldn't find it.
one says this ">/var/adm/wtmp
Is that all I do?
I have a seperate question also. I was... (1 Reply)
Hi - How can I determine the time my system was last booted when my "wtmp" file is broken? (It is being cleaned out incorrectly, I'mm working on that issue)
ie
uptime shows invalid details and who -b shows "nothing at all"
is there a shutdown log somewhere that may indicat the last re-boot? (3 Replies)
Hi Friends,
Can any one help with this:
I have a huge file with the format as
A SAM 4637
B DEPT1 4758 MILAN
A SMITH 46585
B DEPT2 5385 HARRYIS
B SAMUL 63547 GEORGE
B DANIEL 899 BOISE
A FRES 736 74638
I have to read this file and write only the records that starts with "B" only
... (5 Replies)
Greetings,
When directing in unix, symbol > means saving. E.g. I can save ls command output into mama like this:
ls -f > mama
Could someone give me a real example of how the opposite, i.e. symbol < is used?. Could not find its counterpart in Windows (I seem to learn better when i see... (4 Replies)
Hi,
I am using redhat AS 3. Recently, I was asked to implement a security control on the OS: to change ownership of /var/log/wtmp to root:sys and permission to 600. However, when I made the change and reboot the machine, everything was reverted. How come? Please help.
The following is the... (1 Reply)
Hello,
Is there a difference between the following commands besides consider the file permissions?
/usr/sbin/acct/nulladm /var/adm/wtmp
>/var/adm/wtmp
cat /dev/null >/var/adm/wtmp
Today I tried the second command and it worked... (2 Replies)
Hi everyone.
I have a binary file in wich there is a date with format DDMMMYY, for example 02May09.
I can see it opening this file with vim: inside a binary mess, I can clearly read that string.
Now: do you know a way to extract this string from the file?
I woul like to do something... (14 Replies)
Please excuse my indulgence.
Thank you MG Siegler and Steve Jurvetson. But most importantly, thank you Steve Jobs.
8rwsuXHA7RA
The world has lost a genius. (1 Reply)
New Unix user/scripter here. Been trying to solve a problem for two days now with no luck. Hoping someone here has an answer.
Essentially I have a list of wtmp files which I have decompressed and copied to a temporary directory. Using the following command I can turn them into a file than can... (4 Replies)
Hi,
Does anyone have a script to truncate the wtmp file.
I want to move older entries in the wtmp to a new file and move it out of var/adm and shrink the size. (4 Replies)