I am trying to pull information from one of my servers, for a specific login. When I run the "last" command for that login, it only gives me info for the last 4 days, but I know this login has been active for longer than that.
From what I read in the /etc/logrotate.conf file below (from my server), wtmp must be configured separately, and is not included with the other logs. Is this correct ?
Question 2: Does my system read /etc/logrotate.d/wtmp, which means even if it is not set in logrotate.conf, it is still set in logrotate.d ?
From what I can gather from the 2 files below, /var/log/wtmp will have a max age of 365 days (is kept for a year), and will be rotated for 99 weeks. Why am I not picking up all the info for this login ?
The size of the wtmp file: ls -la /var/log/wtmp -rw-rw-r-- 1 root tty 892800 Apr 21 17:23 /var/log/wtmp /etc/logrotate.conf shows: -------------------------- # see "man logrotate" for details # rotate log files weekly weekly # keep 4 weeks worth of backlogs rotate 4 # create new (empty) log files after rotating old ones create # uncomment this if you want your log files compressed #compress # uncomment these to switch compression to bzip2 #compresscmd /usr/bin/bzip2 #uncompresscmd /usr/bin/bunzip2 # RPM packages drop log rotation information into this directory include /etc/logrotate.d # no packages own wtmp -- we'll rotate them here #/var/log/wtmp { # monthly # create 0664 root utmp # rotate 1 #} # system-specific logs may be also be configured here. And /etc/logrotate.d/wtmp shows: -------------------------------- /var/log/wtmp { compress dateext maxage 365 rotate 99 size=+-400k notifempty missingok copytruncate } Dirk *** Disclaimer *** The information contained in this e-mail is confidential and legally privileged and is intended solely for the addressee and to others who have the authority to receive it. Access to this e-mail by anyone else is unauthorized and as such, any disclosure, copying, distribution or any action taken or omitted in reliance on it is unlawful. If you have received this e-mail in error, please notify the sender immediately. The views expressed in this e-mail are the views of the individual sender and should in no way be construed as the views of the Company. The Company is not liable to ensure that outgoing e-mails are virus-free. The Company is not liable, should information or data, for whatever reason, be corrupted or fail to reach its intended addressee. The Company is not liable for any loss or damage of whatsoever nature and howsoever arising resulting from the opening or the use of the information in this e-mail, including its attachments and links. The sender of this e-mail is subject to and bound by the terms and conditions of Company+IBk-s Electronic Communications Usage Policy. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org