Home IT Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Linux System Getting Started Learning: Linux in the last command     - Linux configuration startup mount: fstab file (Linux)

- Oracle Client Easy Connection error ORA-12154, TNS-03505 (Database)

- How to configure FirewallD in RHEL / CentOS 7 and Fedora in (Linux)

- Linux disk management practices (Linux)

- Linux Command Tutorial: Ubuntu apt-get command (Linux)

- Nine trick to let you speed up the old machine running Ubuntu Linux (Linux)

- Linux host system monitoring implement the cgi (Server)

- Installation of Python2.7.8 and iPython under CentOS6.5 (Linux)

- Linux how to view the graphics models notebook (Linux)

- Keepalived achieve high availability Nginx Reverse Proxy (Server)

- Android shutdown (reboot) process (Programming)

- Linux firewall rules example Extracts (Linux)

- Android source code compiled fatal error solutions (Programming)

- MySQL Tutorial: About checkpoint mechanism (Database)

- Java NIO1: I / O model overview (Programming)

- RedHat command line and graphical interface switching (Linux)

- DRBD-based installation and configuration of CentOS 6.5 (Server)

- Linux RHCS basic maintenance commands (Linux)

- jQuery get value drop-down list and select text (Programming)

- How to troubleshoot error java.lang.NoSuchMethodError (Programming)

 
         
  Linux System Getting Started Learning: Linux in the last command
     
  Add Date : 2018-11-21      
         
       
         
  Last command is to list the current and past users of the system login information. Its main parameters are:

(1) -a sign the host name or IP address of the system, is displayed in the last line.

(2) -d the IP address into a host name.

(3) -f Specifies the log file.

(4) -n or - Settings column lists the number of display lists

(5) -R login system does not display the host name or IP address

(6) -x Display the system shutdown, restart, and the execution level changes and other information.

Command Description:

This command is used to list the current and past users of the system login information. Instruction English original meaning: show listing of last logged in users

Execute permissions: Some need special permission

Instruction where the path: / usr / bin / last

When the last instruction executed, it reads located in / var / log directory name wtmp file, and the list of users that log on to the system log file of all the content is displayed. The default is to show the wtmp record, btmp can display more detail, you can display remote login, such as ssh login.

utmp file is currently being stored in the system user information.

wtmp file is saved in the user logged on the system information.

Command Output Field Description:

The first column: Username

The second column: end position. pts / 0 (pseudo-terminal) from means such as a user .tty (teletypewriter) remote SSH or telnet connection means to connect directly to the user's computer or local connection

The third column: Sign ip or kernel. If you see: 0.0, or nothing at all, which means that the user is connected through a local terminal. In addition to restart activities, kernel version will be displayed in the state.

The fourth column: Start Time

Fifth column: End time (still login in yet exit down until the normal shutdown crash until the forced shutdown)

The sixth column: Duration

Command syntax:

last [-R] [-num] [-n num] [-adiowx] [-f file] [-t YYYYMMDDHHMMSS] [name ...] [tty ...]

Command parameters:

parameter

Length argument

Miao Xu

-a

 
The host name or IP address of the system, is displayed in the last line

-d

 
The IP address into a host name

-f

 
Specifies the log file, the default is to show the recording / var / log directory wtmp file, but the content was btmp can, / var / log directory display more rich, you can display the remote login, such as ssh login, including failed login request.

-i

 
-i display case specific ip login. -i Display case for tracking specific ip login. Tracking

-o

 
Read an old-type wtmp file (written by linux-libc5 applications).

-n

 
-n or - the number of display settings listed in the list of columns

-w

 
Display full user and domain names in the output

-R

 
Does not display the host name or IP (omitted hostname field) sign system

-t

 
Display information before YYYYMMDDHHMMSS

-x

 
Display system shutdown, user logon and logoff history

Example of use:

 

 

1: last command to view the help information


[Root @ linuxhost ~] # man last
 
 
 
[Root @ linuxhost ~] # last -h
last: invalid option - h
Usage: last [-num | -n num] [-f file] [-t YYYYMMDDHHMMSS] [-R] [-x] [-o] [-w] [username ..] [tty ..]

 

2: N records show the last sign-on system


[Root @ linuxhost ~] #last -10
root pts / 1: 0.0 Wed Dec 18 09:54 still logged in
root pts / 4: 0.0 Wed Dec 18 09:43 - 09:48 (00:04)
root pts / 1: 0.0 Wed Dec 18 09:43 - 09:48 (00:05)
root pts / 3 192.168.103.79 Wed Dec 18 09:41 - 12:40 (02:59)
root pts / 4: 0.0 Wed Dec 18 09:28 - 09:30 (00:01)
root pts / 3: 0.0 Wed Dec 18 09:27 - 09:30 (00:02)
root pts / 2 192.168.103.29 Wed Dec 18 09:27 still logged in
root pts / 1: 0.0 Wed Dec 18 09:27 - 09:42 (00:15)
root pts / 2: 0.0 Wed Dec 18 09:23 - 09:25 (00:01)
root pts / 1: 0.0 Wed Dec 18 09:22 - 09:25 (00:02)
 
wtmp begins Wed Dec 11 03:02:17 2013
 
[Root @ linuxhost ~] # last -n 10
root pts / 1: 0.0 Wed Dec 18 09:54 still logged in
root pts / 4: 0.0 Wed Dec 18 09:43 - 09:48 (00:04)
root pts / 1: 0.0 Wed Dec 18 09:43 - 09:48 (00:05)
root pts / 3 192.168.103.79 Wed Dec 18 09:41 - 12:40 (02:59)
root pts / 4: 0.0 Wed Dec 18 09:28 - 09:30 (00:01)
root pts / 3: 0.0 Wed Dec 18 09:27 - 09:30 (00:02)
root pts / 2 192.168.103.29 Wed Dec 18 09:27 still logged in
root pts / 1: 0.0 Wed Dec 18 09:27 - 09:42 (00:15)
root pts / 2: 0.0 Wed Dec 18 09:23 - 09:25 (00:01)
root pts / 1: 0.0 Wed Dec 18 09:22 - 09:25 (00:02)
 
wtmp begins Wed Dec 11 03:02:17 2013

3: The host name or IP address of the log is displayed in the last line

[Root @ linuxhost ~] # last -10 -a
root pts / 1 Wed Dec 18 09:54 still logged in: 0.0
root pts / 4 Wed Dec 18 09:43 - 09:48 (00:04): 0.0
root pts / 1 Wed Dec 18 09:43 - 09:48 (00:05): 0.0
root pts / 3 Wed Dec 18 09:41 - 12:40 (02:59) 192.168.103.79
root pts / 4 Wed Dec 18 09:28 - 09:30 (00:01): 0.0
root pts / 3 Wed Dec 18 09:27 - 09:30 (00:02): 0.0
root pts / 2 Wed Dec 18 09:27 still logged in 192.168.103.29
root pts / 1 Wed Dec 18 09:27 - 09:42 (00:15): 0.0
root pts / 2 Wed Dec 18 09:23 - 09:25 (00:01): 0.0
root pts / 1 Wed Dec 18 09:22 - 09:25 (00:02): 0.0
 
wtmp begins Wed Dec 11 03:02:17 2013

4: Do not display the host name or IP address of the sign system

[Root @ linuxhost ~] # last -10 -R
root pts / 1 Wed Dec 18 09:54 still logged in
root pts / 4 Wed Dec 18 09:43 - 09:48 (00:04)
root pts / 1 Wed Dec 18 09:43 - 09:48 (00:05)
root pts / 3 Wed Dec 18 09:41 - 12:40 (02:59)
root pts / 4 Wed Dec 18 09:28 - 09:30 (00:01)
root pts / 3 Wed Dec 18 09:27 - 09:30 (00:02)
root pts / 2 Wed Dec 18 09:27 still logged in
root pts / 1 Wed Dec 18 09:27 - 09:42 (00:15)
root pts / 2 Wed Dec 18 09:23 - 09:25 (00:01)
root pts / 1 Wed Dec 18 09:22 - 09:25 (00:02)
 
wtmp begins Wed Dec 11 03:02:17 2013

5: Specify the / var / log / btmp file, view the user log information

[Root @ linuxhost ~] # last -n 10 -f / var / log / btmp
root ssh: notty 192.168.136.163 Fri Oct 17 18:16 gone - no logout
root ssh: notty 192.168.136.163 Fri Oct 17 09:50 - 18:16 (08:26)
root ssh: notty 192.168.136.163 Fri Oct 17 09:50 - 09:50 (00:00)
root ssh: notty 192.168.40.218 Tue Jul 23 17:40 - 09:50 (450 + 16: 10)
root ssh: notty 192.168.236.149 Sun Apr 14 01:34 - 17:40 (100 + 16: 05)
root ssh: notty 192.168.178.147 Fri Mar 8 17:25 - 01:34 (36 + 08: 08)
tomcat ssh: notty get185806.gfg1.e Fri Oct 26 16:48 - 17:25 (133 + 00: 37)
root ssh: notty 192.168.193.3 Mon Oct 22 18:13 - 16:48 (3 + 22: 34)
root ssh: notty 192.168.193.3 Mon Oct 22 18:13 - 18:13 (00:00)
devloper ssh: notty get185819.gfg1.e Wed Oct 17 17:22 - 18:13 (5 + 00: 50)
 
btmp begins Thu Apr 12 14:30:06 2012

6: The IP address into a host name

last -10 -d

clip_image001

7: Display YYYYMMDDHHMMSS (20150110093000) prior information

[Root @ linuxhost ~] # last -10 -t 20150110093000
root pts / 2 192.168.102.186 Fri Jan 9 15:35 - 17:27 (01:52)
root pts / 2 192.168.102.134 Thu Jan 8 10:25 - 12:27 (02:02)
root pts / 3 192.168.125.53 Tue Jan 6 23:59 - 00:09 (00:09)
root pts / 2 192.168.125.53 Tue Jan 6 23:45 - 00:09 (00:23)
root pts / 3 192.168.102.88 Tue Jan 6 15:23 - 16:20 (00:57)
root pts / 2 192.168.102.88 Tue Jan 6 15:08 - 17:25 (02:16)
Oracle pts / 1: 2.0 Tue Jan 6 15:07 still logged in
reboot system boot 2.6.32-200.13.1 Tue Jan 6 15:07. (7 + 20: 21)
root pts / 2 192.168.102.88 Tue Jan 6 14:47 - down (00:17)
oracle pts / 1: 2.0 Tue Jan 6 14:46 - down (00:18)
 
wtmp begins Wed Apr 11 16:31:10 2012
     
         
       
         
  More:      
 
- MySQL Authorized a recovered (Database)
- About phpwind 5.01-5.3 0day analysis of the article (Linux)
- Ubuntu 12.04 installation instructions under GAMIT10.40 (Linux)
- Samba public folder permissions (Server)
- OGG-03510 Problem (Database)
- Bubble Sort Algorithms (Programming)
- Oracle 11g RAC automatically play GI PSU patch (11.2.0.4.8) (Database)
- Java gets the current system time System.currentTimeMillis () (Programming)
- You know the difference between URL, URI and URN among you (Linux)
- Close common port to protect server security (Linux)
- Netcat Example (Linux)
- Linux crontab command format example (Linux)
- Android studio multi-channel ultra-compact version of the package (Programming)
- Sublime Text Add instructions to insert the current time zone (Linux)
- Analysis: Little Notebook facing a major security threat secure online (Linux)
- Modify Linux terminal prompt path length (Linux)
- Ubuntu Tutorial: E: Failed to get lock / var / lib / apt / lists / lock - open (Linux)
- Ubuntu Linux installation GAMIT10.6 (Linux)
- Setting Hibernate connection MySQL database connection pool coding (Database)
- Ubuntu terminal command - see the port occupied and off (Linux)
     
           
     
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.