Useful Linux System Log Management Commands

who command
who命令查询utmp文件并报告当前登录的每个用户。 who ordered the report query utmp file and each user currently logged on. Who的缺省输出包括用户名、终端类型、登录日期及远程主机。 Who's the default output, including user name, terminal type, login date and the remote host. 使用该命令,系统管理员可以查看当前系统存在哪些不法用户,从而对其进行审计和处理。 Use this command, the system administrator can view the current system, what are the unscrupulous users to its audit and processing. 例如:运行who命令显示如下所示: For example: Run the who command displays as follows:


If specified in the wtmp file name, who commands all previous records check. Command who / var / log / wtmp wtmp file was created since the report has been altered or every login. For example: run the command as follows:


users command
users print out a single line with the current logged on user, the user name corresponds to each display a login session. If a user has more than one login session, and that his name will show the same number of users. Run the command as follows:


last command
wtmp last command to display the search back the file for the first time since the inception logged user. System administrators can periodically log these users to conduct audit and assessment, which found problems in starting to identify illegal users, and processing. Run the command, as follows: 


The reader can see, using the above command to display too much information, discrimination is very small. 所以,可以通过指明用户来显示其登录信息即可。 So, you can specify the user to display the login information you can. 例如:使用last reoot显示reboot历史登录信息,则如下所示: For example: reboot using the last reoot to display the history log messages, as follows:


lastlog command
lastlog file each time a user logs are queries. Can use the lastlog command to check a particular user last login time, and format the output the last login log / var / log / lastlog content. It is sorted according to the login UID, port (tty), and last login time. If a user has never logged, lastlog shows ** Never logged **. Attention to the need to root, run the command. Run the command as follows: 


Comments

Popular posts from this blog

How to create Oracle stored Procedures using TOAD for Oracle

Create Tables in Oracle Database using TOAD

How to Create Packages in Oracle Database using TOAD for Oracle