Logging - noyage/redhat GitHub Wiki

syslog (System Logs)

Logins

$ who shows users currently logged in
$ whoami who am i?
$id info about you (or other users)
- $id (username)
$ last shows users who logged into this host
$ lastb shows failed logins

Login logs

sshd logs to /var/log/secure
keep in mind log rotation

Managing Logs

/etc/logrotate.conf
/etc/logrotate.d

wtmp

Successful logins stored in /var/log/wtmp (stored as a binary file)
- $ last
Failed logins stored in /var/log/btmp (binary file)
- $ lastb
also see /var/log/secure for logins