碼上快樂

相關內容    簡體    繁體

Linux查看登錄日志 last命令 查看當前登錄用戶

本文轉載自   查看原文   2021-01-17 16:18   800 

Linux查看登錄日志

linux
發布於 31 分鍾前
 

lastlog

打印系統賬號最近一次的登錄記錄情況,解析的是 /var/log/lastlog文件,它是一個 data file類型的文件,文本模式打開無法正常顯示。 
Username Port From Latest root pts/0 171.83.37.215 Sat Jan 9 17:23:53 +0800 2021 bin **Never logged in** daemon **Never logged in** adm **Never logged in** lp **Never logged in** sync **Never logged in** shutdown **Never logged in** halt **Never logged in** mail **Never logged in** operator **Never logged in** games **Never logged in** ftp **Never logged in** nobody **Never logged in** systemd-network **Never logged in** dbus **Never logged in** polkitd **Never logged in** sshd **Never logged in** postfix **Never logged in** chrony **Never logged in** nscd **Never logged in** ntp **Never logged in** tss **Never logged in** mysql **Never logged in** nginx **Never logged in** cpt pts/0 117.172.39.12 Fri Jan 8 15:08:00 +0800 2021 zhangsan pts/2 Mon Aug 3 15:46:00 +0800 2020 xiaoming pts/6 218.207.144.248 Thu May 21 17:51:43 +0800 2020 gluster **Never logged in** grafana **Never logged in** xiaowu **Never logged in** saslauth **Never logged in** deploy pts/1 Tue Nov 3 00:02:34 +0800 2020 clamupdate **Never logged in** clamscan **Never logged in**

last

它默認讀取的是 / var/log/wtmp 文件的信息。輸出的內容包括:用戶名、終端位置、登錄源信息、開始時間、結束時間、持續時間。注意最后一行輸出的是 wtmp 文件起始記錄的時間。當然也可以通過 last -f 參數指定讀取文件,可以是 / var/log/btmp、/var/run/utmp 
root pts/0 171.83.37.115 Thu Jan 14 14:38 still logged in root pts/0 171.43.177.33 Wed Jan 13 13:01 - 13:34 (00:31) root pts/1 171.83.37.115 Wed Jan 13 15:14 - 18:44 (03:19) root pts/0 171.83.37.115 Wed Jan 13 15:14 - 18:44 (03:19) root pts/0 118.107.144.111 Tue Jan 11 13:39 - 00:43 (01:03) root pts/0 118.107.144.111 Mon Jan 11 10:05 - 10:05 (00:00) root pts/0 118.107.144.111 Mon Jan 11 18:18 - 10:05 (01:37) root pts/0 118.107.144.111 Mon Jan 11 13:11 - 14:13 (01:01) root pts/0 171.83.37.115 Mon Jan 11 11:05 - 11:10 (01:05) root pts/0 118.107.144.111 Mon Jan 11 09:18 - 10:39 (01:10) root pts/0 171.83.37.115 Fri Jan 8 17:16 - 17:46 (00:10) root pts/0 17.17.111.9 Fri Jan 8 16:38 - 16:49 (00:10) root pts/0 17.17.111.9 Thu Jan 7 15:46 - 18:08 (01:11) root pts/0 118.107.144.111 Wed Jan 6 13:39 - 13:51 (00:13) root pts/1 113.14.171.143 Mon Jan 4 18:47 - 18:51 (00:05) root pts/0 113.14.171.143 Mon Jan 4 15:13 - 18:51 (03:19) root pts/0 113.14.171.143 Sun Jan 3 17:14 - 17:16 (00:11) root pts/0 115.41.156.70 Sat Jan 1 10:11 - 10:39 (00:16) root pts/0 115.41.156.70 Fri Jan 1 13:00 - 13:40 (00:40) root pts/0 115.41.106.6 Thu Dec 31 18:17 - 18:45 (00:18) root pts/0 115.41.106.6 Thu Dec 31 18:00 - 18:16 (00:15) root pts/0 115.41.106.6 Wed Dec 30 11:38 - 13:58 (01:10) root pts/0 171.83.37.146 Wed Dec 30 11:15 - 11:01 (00:35) root pts/0 171.83.37.146 Wed Dec 30 11:10 - 11:15 (00:14) root pts/0 118.107.144.111 Tue Dec 19 15:14 - 15:36 (00:11) root pts/0 171.83.37.146 Tue Dec 19 11:56 - 11:01 (00:05) root pts/0 171.83.37.146 Mon Dec 18 14:33 - 18:16 (03:43) root pts/1 118.107.144.111 Mon Dec 18 11:11 - 11:07 (00:44) root pts/0 171.83.37.146 Mon Dec 18 10:31 - 11:59 (01:17)

lastb列出失敗嘗試的登錄信息

和 last 命令功能完全相同,只不過它默認讀取的是 / var/log/btmp 文件的信息。當然也可以通過 last -f 參數指定讀取文件,可以是 / var/log/btmp、/var/run/utmp 
root ssh:notty 120.132.112.75 Thu Jan 14 17:14 - 17:14 (00:00) abc ssh:notty 89.250.148.154 Thu Jan 14 17:14 - 17:14 (00:00) abc ssh:notty 89.250.148.154 Thu Jan 14 17:14 - 17:14 (00:00) lenovo ssh:notty 122.114.37.11 Thu Jan 14 17:14 - 17:14 (00:00) lenovo ssh:notty 122.114.37.11 Thu Jan 14 17:14 - 17:14 (00:00) simone ssh:notty 203.ip-51-83-74. Thu Jan 14 17:14 - 17:14 (00:00) simone ssh:notty 203.ip-51-83-74. Thu Jan 14 17:14 - 17:14 (00:00) benjamin ssh:notty 49.234.62.38 Thu Jan 14 17:13 - 17:13 (00:00) basesyst ssh:notty 152.89.239.120 Thu Jan 14 17:13 - 17:13 (00:00) benjamin ssh:notty 49.234.62.38 Thu Jan 14 17:13 - 17:13 (00:00) basesyst ssh:notty 152.89.239.120 Thu Jan 14 17:13 - 17:13 (00:00) root ssh:notty 195.24.129.234 Thu Jan 14 17:13 - 17:13 (00:00) chris ssh:notty 195.19.102.173 Thu Jan 14 17:12 - 17:12 (00:00) chris ssh:notty 195.19.102.173 Thu Jan 14 17:12 - 17:12 (00:00) ftptest ssh:notty broadband-188-25 Thu Jan 14 17:12 - 17:12 (00:00) ftptest ssh:notty broadband-188-25 Thu Jan 14 17:12 - 17:12 (00:00) support ssh:notty 182.61.51.141 Thu Jan 14 17:12 - 17:12 (00:00) support ssh:notty 182.61.51.141 Thu Jan 14 17:12 - 17:12 (00:00) julio ssh:notty 159.89.114.40 Thu Jan 14 17:11 - 17:11 (00:00) julio ssh:notty 159.89.114.40 Thu Jan 14 17:11 - 17:11 (00:00) root ssh:notty 120.132.112.75 Thu Jan 14 17:11 - 17:11 (00:00)

關注微信公眾號:【入門小站】,解鎖更多知識點


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 Linux查看和剔除當前登錄用戶 Linux查看系統當前登錄用戶的命令,top命令看到users有多個用戶登錄 linux查看登錄用戶 Linux 下查看系統當前登錄用戶信息 Windows下如何查看當前登錄用戶 ABP 查看當前登錄用戶的Id mysql怎么查看當前登錄用戶 查看SVN當前登錄用戶 【linux命令】:查看當前登錄用戶的信息,本文介紹3種方法 Linux用戶登錄查看命令總結 - w,who,last,lastlog
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM