Lastb command for Linux

List the information about users who failed to log in to the system. The lastb command is used to display a list of incorrect user logins. Using lastb alone, it will read a file named BTMP in the /var/log directory and display the list of failed logins.

Command syntax

Lastb [option] [parameter]

Command options

-a: Displays the host name or IP address from which the system is logged in in the last line.
-d: translates the IP address into the host name.
-f< Record file > : specifies a record file.
-n< display column number > or -< Display column number > : Sets the display column number of the list.
-r: does not display the name or IP address of the host that logs in to the system.
-x: displays information about system shutdown, restart, and execution level change.

The command parameter

User name: the login list of the user being displayed;
Terminal: Displays the login list from the specified terminal.

Login failures using SSH are not logged in the BTMP file.

> lastb | head root SSH: notty 120.132.112.75 Sun Apr 11 "-" (00:00) root SSH: notty 185.36.81.44 Sun Apr 11 22:18-22:18 (00:00) Root SSH :notty 101.89.138.113 Sun Apr 11 22:18-22:18 (00:00) admin1 SSH :notty 123.21.35.183 Sun Apr 11 22:18-22 (00:00) Admin1 SSH :notty 123.21.35.183 Sun Apr 11 22:17-22:17 (00:00) Adria SSH :notty 132.232.32.203 Sun Apr 11 22:17-22:17 (00:00) Adria SSH :notty 132.232.32.203 Sun Apr 11 22:17-22:17 (00:00) root SSH :notty 115.79.35.110 Sun Apr 11 22:17-22:17 (00:00) user SSH :notty 103.248.31.50 Sun Apr 11 22:17-22:17 (00:00) User SSH :notty 103.248.31.50 Sun Apr 11 22:17-22:17 (00:00)Copy the code

Lastb, which reads the file at /var/log/btmp and displays the list of failed login users. BTMP is a binary file, so last -f /var/log/btmp gives the same result.

Find records of login failures with the specified user name

> lastb root | head root SSH: notty 123.21.35.183 Sun Apr 11 "-" (00:00) root SSH: notty 123.21.35.183 Sun Apr 11 22:24-22:24 (00:00) root SSH :notty 123.21.35.183 Sun Apr 11 22:24-22:24 (00:00) root SSH :notty 120.132.112.75 Sun Apr 11 22:24-22:24 (00:00) root SSH :notty 81.69.251.186 Sun Apr 11 22:23-22:23 (00:00) root SSH :notty 123.21.35.183 Sun Apr 11 22:23-22:23 (00:00) Root SSH :notty 123.21.35.183 Sun Apr 11 22:22-22:22 (00:00) root SSH :notty 123.21.35.183 Sun Apr 11 22:22-22:22 (00:00) Root SSH :notty 81.69.251.186 Sun Apr 11 22:21-22:21 (00:00) root SSH :notty 120.132.112.75 Sun Apr 11 22:21-22:21 (00:00) root SSH :notty 120.132.112.75 Sun Apr 11 22:18-22:18 (00:00)Copy the code

Clear the contents of the lastb file

> echo > /var/log/btmp
Copy the code

Original link :rumenz.com/rumenbiji/l… Wechat official account: entry station

Command syntax

Command options

The command parameter

Login failures using SSH are not logged in the BTMP file.

Find records of login failures with the specified user name

Clear the contents of the lastb file

Related Posts

Five major software architecture patterns

The system crashed frequently, I came up with a limiting scheme, the boss was a thumbs up! Soon!

4000 words with you step into the world of SQL | a comprehensive tutorial: SQL database, concept and use SQL DDL to create a database table