谎伴

  • 1、查看哪个用户、IP、终端、什么时间登陆过服务器
  • 2、查看哪个用户、IP、终端,什么时间登陆过服务器
  • 3、查看哪个用户、IP、终端,什么时间登陆过服务器,内容更详细一些
  • 首页
  • 关于作者
  • 文章归档
  • 友情链接
  • 留言反馈
  • RSS Feed
  • GitHub
  • WordPress

赞赏/打赏

站点监测

站点服务

Linux 查看登陆用户详细信息

  • 谎言相伴
  • 2022-03-01
  • 0

1、查看哪个用户、IP、终端、什么时间登陆过服务器

[root@liesys ~]# utmpdump /var/log/wtmp | more
Utmp dump of /var/log/wtmp
[7] [29224] [ts/1] [root    ] [pts/1       ] [vm40102             ] [127.0.0.1      ] [Mon Feb 06 15:10:16 2023 CST]
[7] [29257] [ts/2] [root    ] [pts/2       ] [vm40102             ] [127.0.0.1      ] [Mon Feb 06 15:10:17 2023 CST]
[8] [29255] [    ] [        ] [pts/2       ] [                    ] [0.0.0.0        ] [Mon Feb 06 15:11:38 2023 CST]
[8] [29222] [    ] [        ] [pts/1       ] [                    ] [0.0.0.0        ] [Mon Feb 06 15:18:14 2023 CST]
[8] [28795] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [Mon Feb 06 15:28:45 2023 CST]
[7] [12735] [ts/0] [root    ] [pts/0       ] [vm40102             ] [127.0.0.1      ] [Mon Feb 06 17:18:55 2023 CST]
[8] [12733] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [Mon Feb 06 17:19:00 2023 CST]
[7] [13191] [ts/0] [root    ] [pts/0       ] [vm40102             ] [127.0.0.1      ] [Mon Feb 06 17:19:13 2023 CST]
[8] [13189] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [Mon Feb 06 17:20:21 2023 CST]
[7] [12415] [ts/0] [root    ] [pts/0       ] [vm40102             ] [127.0.0.1      ] [Wed Feb 08 15:04:46 2023 CST]

2、查看哪个用户、IP、终端,什么时间登陆过服务器

[root@liesys ~]# who /var/log/wtmp | more
xinsec   pts/0        2023-02-01 09:39 (192.168.11.32)
xinsec   pts/1        2023-02-01 10:50 (192.168.11.32)
xinsec   pts/0        2023-02-01 10:22 (10.80.210.52)

3、查看哪个用户、IP、终端,什么时间登陆过服务器,内容更详细一些

last 指定记录文件,默认是显示/var/log目录下的wtmp文件的记录。

但/var/log目录下的btmp能显示的内容更丰富,可以显示远程登录,例如ssh登录 ,包括失败的登录请求。

[root@liesys ~]# last | more
root     pts/2        192.168.30.169   Mon Oct 24 09:36   still logged in
root     pts/2        192.168.30.169   Mon Oct 24 09:13 - 09:32  (00:19)

查看当前登陆用户,TTY,登陆地址等信息

[root@liesys ~]# w -i
 09:39:07 up 35 days, 46 min,  2 users,  load average: 0.43, 0.44, 0.62
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/1    192.168.30.169   09:06    2:35  14:56   0.87s -bash
root     pts/2    192.168.30.169   09:36    3.00s  0.09s  0.01s w -i
© 2025 谎伴
Theme by Wing
  • {{ item.name }}
  • {{ item.name }}