lastb command is used to list information about users who failed to log in to the system. It reads the
/var/log/btmp file, which contains a log of all failed login attempts. This command is useful for system administrators who need to monitor failed login attempts and investigate potential security breaches.
lastb command is simple to use and does not require any special privileges. To use it, simply open a terminal window and type
lastb followed by any options you want to use.
Here is an example of how to use the
This command will display a list of failed login attempts, including the username, source IP address, and date and time of the attempt. The
-w option is used to display the results in wide format, which makes it easier to read.
Another useful option is
-n, which can be used to limit the number of results displayed. For example, if you only want to see the 10 most recent failed login attempts, you can use the following command:
lastb -n 10
The following table lists all available options for the
||Displays the date and time of the last system boot.|
||Uses the specified file instead of
||Displays a help message and exits.|
||Displays the last
||Displays the hostname of the remote machine.|
||Displays entries newer than the specified date and time.|
||Displays entries for the specified user.|
||Displays the results in wide format.|
If you are having trouble using the
lastb command, here are some troubleshooting tips:
- Make sure you are running the command as a user with read access to the
- If you are not seeing any results, try using the
-foption to specify a different log file.
- If you are seeing unexpected results, make sure you are using the correct options and syntax.
/var/log/btmpfile is owned by the
rootuser and can only be read by users with appropriate permissions.
lastbcommand does not display information about successful login attempts. For that, you can use the
lastbcommand is not available on all Linux distributions. If it is not installed on your system, you may need to install it using your package manager.