I am trying to figure out the login time on my systems (mostly system boot).
I am using the last Unix command. However, this does not allow me to pull more than a certain number of records. I assume that the log file from which it draws, which is /var/log/wtmp , is overwritten after a certain size.
I see that I have a wtmp.1 file, so using the -f option, I can go back a month ago using this option. It's amazing that archives are archived somewhere else.
So my question is: is there a way to get older records.
Below is the last call I am making:
last -n 10000|grep "system"
Here are the last few lines of output.
reboot system boot 3.5.0-36-generic Sun Jul 7 07:07 - 22:08 (15:01) reboot system boot 3.5.0-36-generic Sat Jul 6 23:23 - 23:23 (00:00) reboot system boot 3.5.0-34-generic Sat Jul 6 09:40 - 23:22 (13:42) reboot system boot 3.5.0-34-generic Sat Jul 6 09:38 - 09:39 (00:00) reboot system boot 3.5.0-34-generic Sat Jul 6 06:40 - 09:39 (02:58) reboot system boot 3.5.0-34-generic Sat Jul 6 06:15 - 06:17 (00:02) reboot system boot 3.5.0-34-generic Sat Jul 6 06:13 - 06:17 (00:03) reboot system boot 3.5.0-34-generic Fri Jul 5 19:30 - 22:34 (03:03)
I canβt get the magazines yet on time.
- Is this the right approach?
- How do we see old magazines? For example, if I pass
-n 10000 or -n 1000000 , I get the same result.
In the end, I will write a quick Python script to parse this o / p from the subprocess module.
EDIT . Most of the answers below are correct. Unfortunately, only one answer can be accepted. Magazines once disappeared!
source share