Linux User Connected Info

Just type last

 last [-num | -n num] [-f file] [-t YYYYMMDDHHMMSS] [-R] [-adioxFw] [username..] [tty..]

last 명령어는 /var/log/wtmp 파일에 있는 내용을 가져와 출력해준다. 그래서 사실 모든 접속정보 기록은 /var/log/wtmp 안에 저장되어 있다.

리눅스는 /var/log/wtmp 파일이 존재할 경우만 접속정보를 기록하기 때문해당 파일이 없을때 접속정보를 기록하고 싶다면 만들어줘야 한다.

touch /var/log/wtmp

 

last Command  Info

  • Connected  Account Name
  • Connected Device Name
  • Connected IP Address
  • Time Spent
  • Time Stamp
  • System Reboot Info

 

last Option Info

  • -f file Tells last to use a specific file instead of /var/log/wtmp.
  • num This is a count telling last how many lines to show.
  • -n num The same.
  • -t YYYYMMDDHHMMSS
    Display the state of logins as of the specified time. This is useful, e.g., to determine easily who was logged in at a particular time –specify that time with -t and look for \”still logged in\”.
  • -f file Specifies a file to search other than /var/log/wtmp.
  • -R Suppresses the display of the hostname field.
  • -a Display the hostname in the last column. Useful in combination with the next flag.
  • -d For non-local logins, Linux stores not only the host name of the remote host but its IP number as well. This option translates the IP number back into a hostname.
  • -F Print full login and logout times and dates.
  • -i This option is like -d in that it displays the IP number of the remote host, but it displays the IP number in numbers-and-dots notation.
  • -o Read an old-type wtmp file (written by linux-libc5 applications).
  • -w Display full user and domain names in the output.
  • -x Display the system shutdown entries and run level changes.