HPE Community
Operating System - HP-UX
1758653 Members
1842 Online
108874 Solutions
New Discussion юеВ

redirecting the "last" command

 
SOLVED
Go to solution
Allan Pincus
Frequent Advisor

тАО09-18-2002 01:47 PM

тАО09-18-2002 01:47 PM

redirecting the "last" command

Does anyone know how to have the "last" command read a file other than /var/adm/wtmp?

The man pages do not indicate this is a valid option.

I'm trying to have a script read the wtmp across multiple machines to see who is logged in on each one of them.

Is there an easier way? Should I sym link the systems all to the same wtmp?

I'm looking for ideas.
0 Kudos
Reply
5 REPLIES 5
James R. Ferguson
Acclaimed Contributor

тАО09-18-2002 01:54 PM

тАО09-18-2002 01:54 PM

Solution

Re: redirecting the "last" command

Hi Allan:

The 'var/adm/wtmp' file is a binary file. 'last' knows how to read it and you could pipe its output to a 'read'.

Another, easier approach, is to convert the binary file to an ascii one with 'fwtmp' (see "man 1M fwtmp"). In fact this is the approach used when the 'wtmp' database is corrupted -- you use 'fwtmp' to convert it to ascii format; edit the ascii file; and convert the ascii format back to binary.

Regards!

...JRF...
Reply
Rodney Hills
Honored Contributor

тАО09-18-2002 01:55 PM

тАО09-18-2002 01:55 PM

Re: redirecting the "last" command

Looking at the man page for "last", it states that -f filename can be used to override wtmp.

Is that what you are looking for?

-- Rod Hills
There be dragons...
Reply
Michael Tully
Honored Contributor

тАО09-18-2002 01:56 PM

тАО09-18-2002 01:56 PM

Re: redirecting the "last" command


This example will convert a file from any system it to an ASCII file from your other systems, should you choose to copy them.

#/usr/sbin/acct/fwtmp < /var/adm/wtmp > /tmp/file

You can then get you information

Have a look at the 'fwtmp' man page for further information.
Anyone for a Mutiny ?
Reply
Rodney Hills
Honored Contributor

тАО09-18-2002 01:58 PM

тАО09-18-2002 01:58 PM

Re: redirecting the "last" command

If you are looking to see who is logged onto multiple machines, do a man on "rwho". It will display all users logged onto a local network

HTH

-- Rod Hills
There be dragons...
0 Kudos
Reply
Andrew Cowan
Honored Contributor

тАО09-19-2002 10:43 PM

тАО09-19-2002 10:43 PM

Re: redirecting the "last" command

Using "r" commands, is a simple way to collate information from several machines, however it opens lots of security holes.

If you system is connected to a public network, try installing OpenSSH on all your systems and use the "captive"-ssh commands, together with public keys.

In this way you will have all the flexibility of the "r" commands, but without the security holes.

See www.openssh.com for details.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.