Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

The command last

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting The command last
# 1  
Old 11-10-2015
The command last
Hello All,

I would like to ask your kind help. Could you please advise how can I identify and printout all users, who has logged to our server from more than 10 different computers/machines by using the command last?

Thank you in advance for your help.

Janmesz
# 2  
Old 11-10-2015
First of all, last data is easily circumvented. So, while last is "ok", a person can "login" into your host and not be recorded in the wtmp/utmp file.

What is last not showing you? It will show all "proper" logins. But nothing saying you have a wtmp unaware path for login defined.

By default last will show the userid, the terminal, the DISPLAY (sort of a hack)/location and the time and duration.

Again, let me emphasize that wmtp writing is an optional thing.... and that well behaved logins will log something there.
This User Gave Thanks to cjcox For This Post:
Janmesz7
# 3  
Old 11-10-2015
Please, try:
Code:
last -ai | perl -nale '
    push @{$user{$F[0]}}, $F[$#F] unless grep {$_  eq $F[$#F]} @{$user{$F[0]}};  
    END{for(keys %user){print if @{$user{$_}} > 10}}'

---------- Post updated at 05:43 PM ---------- Previous update was at 04:24 PM ----------

A bit simpler:
Code:


Code:



last -ai | perl -nale '$user{$F[0]}{$F[$#F]}++; END{for(keys %user){print if keys %{$user{$_}} > 10}}'

This User Gave Thanks to Aia For This Post:
Janmesz7
# 4  
Old 11-11-2015
awk version

Code:
last -ai | awk '{ user=$1;ip=$NF;if (t[ user ip ] == "") { c[ user ]++;t[ user ip ]=1 }} END { for (name in c) { if (c[ name ] > 10) { print name }}}'

This User Gave Thanks to cjcox For This Post:
Janmesz7
# 5  
Old 11-12-2015
The following is little shorter and little more precise, and also works on Solaris (with nawk or /usr/xpg4/bin/awk).
Code:
last -a | awk '$NF!~/^[^:]*:[0-9]+(\.|$)/ && !uh[$1,$NF]++ { uc[$1]++ } END { for (u in uc) if (uc[u]>10) print u }'

Last edited by MadeInGermany; 11-12-2015 at 02:52 PM.. Reason: allow ipv6 addresses
This User Gave Thanks to MadeInGermany For This Post:
Janmesz7
# 6  
Old 11-13-2015
Thank you very much for all of you for these solutions, which were all functionable except of the last one. Much appreaciated your responses, however could you please advise how may I get the following output from this filter:

"Output: 'name number of different computers/machines'"

Example:

Output: 'smith 23'
Output: 'mccallister 22'
Output: 'taylor 22'
Output: 'bush 21'
Output: 'casale 20'
Output: 'grant 19'
...

Thank you in advance for your advice.

Janmesz7
# 7  
Old 11-13-2015
How about
Code:
last -a | awk '$NF ~ /.*\..*\..*\..*/ && !T[$1,$NF]++ {US[$1]++} END {for (u in US) print u, US[u]}'
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Another one line command where I'd like to determine if Ubuntu or Red Hat when running command

Hello Forum, I'm making very good progress on my report thanks to the very helpful people on this forum. I've been able to successfully create my report for my Red Hat servers. But I do have a few ubuntu servers in the mix and I'd like to capture some data from them when an ssh connection is... (8 Replies)
Discussion started by: greavette
8 Replies

2. AIX

I'm facing problem with rpm command, when running the command and appears this error:

exec(): 0509-036 Cannot load program /usr/opt/freeware/bin/rpm because of the following errors: 0509-022 Cannot load module /opt/freeware/lib/libintl.a(libintl.so.1). 0509-150 Dependent module /opt/freeware/lib/libiconv.a(shr4.o) could not be loaded. 0509-152 Member... (4 Replies)
Discussion started by: Ohmkar
4 Replies

3. Shell Programming and Scripting

Multiple command execution inside awk command during xml parsing

below is the output xml string from some other command and i will be parsing it using awk cat /tmp/alerts.xml <Alert id="10102" name="APP-DS-ds_ha-140018-componentFailure-S" alertDefinitionId="13982" resourceId="11427" ctime="1359453507621" fixed="false" reason="If Event/Log Level(ANY) and... (2 Replies)
Discussion started by: vivek d r
2 Replies

4. Shell Programming and Scripting

SH script, variable built command fails, but works at command line

I am working with a sh script on a solaris 9 zone (sol 10 host) that grabs information to build the configuration command line. the variables Build64, SSLopt, CONFIGopt, and CC are populated in the script. the script includes CC=`which gcc` CONFIGopt=' --prefix=/ --exec-prefix=/usr... (8 Replies)
Discussion started by: oly_r
8 Replies

5. UNIX for Dummies Questions & Answers

passing command output from one command to the next command in cshell

HI Guys, I hope you are well. I am trying to write a script that gets executed every time i open a shell (cshell). I have two questions about that 1) I need to enter these commands $ echo $DISPLAY $ setenv $DISPLAY output_of_echo_$display_command How can i write a... (2 Replies)
Discussion started by: kaaliakahn
2 Replies

6. UNIX for Advanced & Expert Users

unix command : how to insert text at the cursor location via command line?

Hi, Well my title isn't very clear I think. So to understand my goal: I have a script "test1" #!/bin/bash xvkbd -text blabla with xbindkeys, I bind F5 key in order it runs my test1 script So when I press F5, test1 runs. I'm under Emacs/Vi and I press F5 in order to have "blabla" be... (0 Replies)
Discussion started by: xib.be
0 Replies

7. Shell Programming and Scripting

Need help! command working ok when executed in command line, but fails when run inside a script!

Hi everyone, when executing this command in unix: echo "WM7 Fatal Alerts:", $(cat query1.txt) > a.csvIt works fine, but running this command in a shell script gives an error saying that there's a syntax error. here is content of my script: tdbsrvr$ vi hc.sh "hc.sh" 22 lines, 509... (4 Replies)
Discussion started by: 4dirk1
4 Replies

8. AIX

AIX:Command to get netaddress/subnet address command in IPv4/IP6

AIX:Command to get netaddress/subnet address command in IPv4/IP6 Can anybody help us with a command to retrieve netaddress/subnet address command in IPv4/IP6 on aix machine. net/subnet address is in the format 172.16.212.0(signifies all 255 machines in an IPv4 network) (2 Replies)
Discussion started by: rookie8278
2 Replies

9. Shell Programming and Scripting

assign a command line argument and a unix command to awk variables

Hi , I have a piece of code ...wherein I need to assign the following ... 1) A command line argument to a variable e.g origCount=ARGV 2) A unix command to a variable e.g result=`wc -l testFile.txt` in my awk shell script When I do this : print "origCount" origCount --> I get the... (0 Replies)
Discussion started by: sweta_doshi
0 Replies

10. SuSE

inconsistent ls command display at the command prompt & running as a cron job

Sir, I using the following commands in a file (part of a bigger script): #!/bin/bash cd /opt/oracle/bin ls -lt | tail -1 | awk '{print $6}' >> /tmp/ramb.out If I run this from the command prompt the result is: 2007-05-16 if I run it as a cron job then... (5 Replies)
Discussion started by: rajranibl
5 Replies
Login or Register to Ask a Question