command | file | function description |
last | /var/log/wtmp | 所有成功登录/登出的历史记录 |
lastb | /var/log/btmp | 登录失败尝试 |
lastlog | /var/log/lastlog | 最近登录记录 |
who / w | /var/run/utmp | 记录当前打开的会话 |
clean up
$ history -c
in additon, can also query with the 'utmpdump' command
$ utmpdump /var/log/wtmp
$ utmpdump /var/log/btmp
$ utmpdump /var/run/utmp
refer link:
(8条消息) 使用 utmpdump 监控 CentOS 用户登录历史_NFTercel的博客-CSDN博客_utmpdump