Linux log files: utmp, wtmp, lastlog, messages

Source: Internet
Author: User

1. Information about the currently logged-in users is recorded in the utmp file (who command).

2. Login and logout records are kept in the wtmp file (w command).

3. The last-login file can be viewed with the lastlog command.

4. messages: log information from syslog.

Note: the wtmp and utmp files are binary files; they cannot be trimmed with commands such as tail or merged with cat. Users need the who, w, users, last, and ac commands to read the information these two files contain.

Example:
The last command searches wtmp and shows the users who have logged in since the file was first created.

The users command prints the currently logged-in users on a single line; each user name displayed corresponds to one login session.

The w command queries the utmp file and displays information about each user currently on the system and the processes they are running.

The who command queries the utmp file and reports each user who is currently logged in.

The ac command reports users' connect time (in hours) based on the login and logout records in the current /var/log/wtmp file.

The utmp file records the users who are currently logged in to the system.

A binary record containing the following structure is written to these two files:
struct utmp {
    char ut_line[8]; /* tty line: "ttyh0", "ttyd0", "ttyp0", ... */
    char ut_name[8]; /* login name */
    long ut_time;    /* seconds since Epoch */
};

At login, the login program fills in such a structure, writes it to the utmp file, and also appends it to the wtmp file. At logout, the init process erases the corresponding record in the utmp file (each byte is filled with 0) and appends a new record to the wtmp file. In that logout record in the wtmp file, the ut_name field is cleared to 0. Special entries are appended to the wtmp file when the system restarts, and before and after changes to the system time and date. The who(1) program reads the utmp file and prints its contents in a readable format. Later versions of Unix provide the last(1) command, which reads the wtmp file and prints selected records. The wtmp file thus tracks individual login and logout events.
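Added example (not code from the original post): a Python reader for records laid out as in the struct above. It pairs each login with its logout as the paragraph describes, totals connect time in the spirit of ac, and lists zero-filled records, which by that description belong in utmp rather than wtmp. It assumes a 4-byte little-endian long and no padding (20 bytes per record), does not decode the special restart and time-change entries, and uses function names and sample data constructed for illustration; current Linux systems use a larger utmp record.

```python
import struct
from collections import defaultdict

# Assumed on-disk layout of the struct above: ut_line[8], ut_name[8] and a
# 4-byte little-endian ut_time, no padding -> 20 bytes per record.
REC = struct.Struct("<8s8si")

def text(raw):
    return raw.split(b"\0")[0].decode("ascii", "replace")  # strip NUL padding

def parse(buf):
    """Yield (ut_line, ut_name, ut_time) for each complete record in buf."""
    for off in range(0, len(buf) - len(buf) % REC.size, REC.size):
        line, name, when = REC.unpack_from(buf, off)
        yield text(line), text(name), when

def sessions(buf):
    """Pair each login with the later logout record on the same tty line.
    Returns (closed, still_open, zeroed, unmatched); the last two hold record
    indexes: all-zero records, and empty-name records with no open login."""
    closed, still_open, zeroed, unmatched = [], {}, [], []
    for i, (line, name, when) in enumerate(parse(buf)):
        if not line and not name and when == 0:
            zeroed.append(i)                  # zero-fill is expected in utmp only
        elif name:
            still_open[line] = (name, when)   # login record
        elif line in still_open:              # logout: ut_name cleared to 0
            user, start = still_open.pop(line)
            closed.append((user, line, start, when))
        else:
            unmatched.append(i)               # no open login on this line
    return closed, still_open, zeroed, unmatched

def connect_hours(closed):
    """Total connect time per user in hours, in the spirit of ac."""
    hours = defaultdict(float)
    for user, _line, start, end in closed:
        hours[user] += (end - start) / 3600
    return dict(hours)

def rec(line, name, when):
    return REC.pack(line.encode(), name.encode(), when)

# Constructed sample data, not taken from a real system.
SAMPLE = b"".join([
    rec("ttyp0", "alice", 1000), rec("ttyp1", "bob", 1600),
    rec("ttyp0", "", 4600), bytes(REC.size), rec("ttyp1", "", 8800),
    rec("ttyp2", "carol", 9000)])
```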

wted
A wtmp/utmp log editing program. This tool can edit any file of the wtmp or utmp type.

Z2
A utmp/wtmp/lastlog log cleanup tool. It can delete all entries for a given user name from the utmp, wtmp, and lastlog log files. On a Linux system, however, its source code has to be modified by hand to set the location of the log files.

This article is from the "My World, My Dream" blog; please be sure to keep this source: http://itshine.blog.51cto.com/648476/489687
