How to use the command lastcomm (with examples)

How to use the command lastcomm (with examples)

The lastcomm command is used to display information about the last commands executed on the system. It allows users to view details such as the user who executed the command, the command itself, and the time it was executed. This command is helpful for system administrators and users who want to keep track of the commands executed on a system or analyze command usage patterns.

Use case 1: Print information about all the commands in the acct (record file)

Code:

lastcomm

Motivation: This use case is useful for system administrators or users who want to get an overview of all the commands executed on the system. It provides a comprehensive list of all commands along with their execution details.

Explanation: When executed without any arguments, the lastcomm command displays information about all the commands in the acct (record file). It prints details such as the user, command, time of execution, and the amount of CPU time used.

Example output:

/sbin/init                                     root     __         1.25 secs Tue Mar  2 09:06
/var/log/kern.log.persist                      syslog   __        50.69 secs Tue Mar  2 09:07
/usr/bin/systemd-udevd                         root     __         2.67 secs Tue Mar  2 09:07
/sbin/hwclock                                  root     *J         0.00 secs Tue Mar  2 09:07

Use case 2: Display commands executed by a given user

Code:

lastcomm --user user

Motivation: This use case is helpful for system administrators who want to track the commands executed by a specific user. It allows them to monitor the activities of individual users and identify any potentially malicious or abnormal command executions.

Explanation: By specifying the --user option followed by the username, the lastcomm command displays information about the commands executed by that particular user. It prints details such as the command, time of execution, and the amount of CPU time used.

Example output:

/var/log/kern.log.persist                      syslog   __        50.69 secs Tue Mar  2 09:07
/usr/bin/systemd-udevd                         root     __         2.67 secs Tue Mar  2 09:07

Use case 3: Display information about a given command executed on the system

Code:

lastcomm --command command

Motivation: This use case is useful for users who want to investigate the details of a specific command executed on the system. It helps in understanding the command’s execution pattern, resource utilization, and other related information.

Explanation: By specifying the --command option followed by the command name, the lastcomm command displays information about the specified command executed on the system. It prints details such as the user, time of execution, and the amount of CPU time used.

Example output:

/sbin/hwclock                                  root     *J         0.00 secs Tue Mar  2 09:07

Use case 4: Display information about commands executed on a given terminal

Code:

lastcomm --tty terminal_name

Motivation: This use case is helpful for users who want to track the commands executed on a specific terminal. It can be useful in a multi-user environment where multiple terminal sessions are active, and users need to monitor the commands executed on a particular terminal.

Explanation: By specifying the --tty option followed by the terminal name, the lastcomm command displays information about the commands executed on the specified terminal. It prints details such as the user, command, time of execution, and the amount of CPU time used.

Example output:

/sbin/init                                     root     __         1.25 secs Tue Mar  2 09:06

Conclusion:

The lastcomm command is a powerful tool for monitoring and analyzing command execution on a Linux system. It provides various options to view detailed information about commands executed by users, on specific terminals, or system-wide. By utilizing these options, users can gain insights into command usage patterns, track user activities, and investigate specific command executions.

Related Posts

How to use the command 'ip route' (with examples)

How to use the command 'ip route' (with examples)

The ip route command is used for managing the IP routing table in Linux.

Read More
SLURM squeue command (with examples)

SLURM squeue command (with examples)

The squeue command is used to view the jobs queued in the SLURM scheduler.

Read More
Managing User Authorities in ODPS with Examples

Managing User Authorities in ODPS with Examples

User authorities are essential for managing security and access control in the Open Data Processing Service (ODPS).

Read More