• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

lastcomm Command Examples in Linux

by Deepika

lastcomm is a command-line tool that shows a listing of the last commands executed on a Linux system. It is a part of the acct package and it reads the binary file that contains the list of executed commands, usually located at /var/log/pacct or /var/account/pacct.

The lastcomm command provides a list of all the executed commands on the system, including the date and time of the command, the username of the user who ran the command, and the command that was executed. The output can be useful for auditing and troubleshooting purposes, as it can help identify what commands have been executed, when, and by whom.

By default, the lastcomm command will show the most recent executed commands. You can also specify a time range or a specific username to filter the output. By using the -f option, you can specify a different location of the pacct file. It’s worth noting that the pacct file only keeps track of executed commands if process accounting is enabled on the system. To enable process accounting you should use the command accton.

lastcomm Command Examples

1. Print information about all the commands in the acct (record file):

# lastcomm

2. Display commands executed by a given user:

# lastcomm --user user

3. Display information about a given command executed on the system:

# lastcomm --command command

4. Display information about commands executed on a given terminal:

# lastcomm --tty terminal_name

Summary

In summary, lastcomm is a useful command-line tool for system administrators and security administrators who need to monitor executed commands on a Linux system. It can help identify potential security breaches and take appropriate action, as well as troubleshoot issues that may arise by checking the commands executed and their output.

Filed Under: Linux

Some more articles you might also be interested in …

  1. How to install packages using dnf in CentOS/RHEL 8
  2. How to Disable or set SELinux to Permissive mode
  3. adig Command Examples in Linux
  4. After Reboot RAID1 Disk Gets Removed/Out of Sync (CentOS/RHEL)
  5. CentOS / RHEL 7 : How to reinstall GRUB2 from rescue mode
  6. The /var/log/messages is empty, and so are the rotated log files such as messages.0, messages.1
  7. edquota Command Examples in Linux
  8. deluser: command not found
  9. macchanger: command not found
  10. How to uninstall jellyfish software package from Ubuntu

You May Also Like

Primary Sidebar

Recent Posts

  • protonvpn-cli Command Examples in Linux
  • protonvpn-cli connect Command Examples
  • procs Command Examples in Linux
  • prlimit: command not found

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright