실습> /var/run/utmp 테스트
1. root 로그인 확인
# w
17:05:45 up 6 min, 1 user, load average: 0.00, 0.04, 0.04
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.108.1 16:59 1.00s 0.02s 0.01s w
# file /var/run/utmp
/var/run/utmp: data
# strings /var/run/utmp
reboot
3.10.0-1160.el7.x86_64
runlevel
3.10.0-1160.el7.x86_64
tty1
tty1LOGIN
pts/0
ts/0root
192.168.108.1
!bQI
2. 일반 유저 로그인 확인
Last login: Fri Mar 4 16:51:06 2022 from 192.168.108.1
$ w
17:09:28 up 10 min, 2 users, load average: 0.00, 0.02, 0.04
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.108.1 16:59 3:44 0.01s 0.01s -bash
user1 pts/1 192.168.108.1 17:09 0.00s 0.01s 0.01s w
$ last
user1 pts/1 192.168.108.1 Fri Mar 4 17:09 still logged in <--
root pts/0 192.168.108.1 Fri Mar 4 16:59 still logged in
reboot system boot 3.10.0-1160.el7. Fri Mar 4 16:59 - 17:10 (00:11)
root pts/0 192.168.108.1 Fri Mar 4 16:57 - down (00:01)
reboot system boot 3.10.0-1160.el7. Fri Mar 4 16:56 - 16:58 (00:01)
user1 pts/2 192.168.108.1 Fri Mar 4 16:51 - 16:54 (00:03)
user1 pts/2 192.168.108.1 Fri Mar 4 16:42 - 16:47 (00:04)
# w
17:11:14 up 12 min, 2 users, load average: 0.00, 0.01, 0.04
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.108.1 16:59 2.00s 0.01s 0.00s w
user1 pts/1 192.168.108.1 17:09 1:06 0.00s 0.00s -bash
'Linux > 보안장비 운용' 카테고리의 다른 글
| /var/log/btmp (0) | 2022.03.04 |
|---|---|
| 로그 삭제 툴 Zap3 사용하기 (0) | 2022.03.04 |
| /var/log/wtmp 테스트 (0) | 2022.03.04 |
| 시간 동기화 설정하기 (0) | 2022.03.04 |
| 로그 log (0) | 2022.03.04 |