The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Last command doesn`t show all connections

Discussion in 'General Discussion' started by jestin_virtual, Oct 10, 2009.

  1. jestin_virtual

    jestin_virtual Active Member

    Joined:
    Sep 2, 2009
    Messages:
    41
    Likes Received:
    0
    Trophy Points:
    56
    Hello !

    i have 10 websites based on WHM , we are not selling share hosting and using server only for our company`s websites

    i have never removed my Logs and i didn`t update Apache for long time !

    when i check the "Last "Command all logs has started from 1st-Oct is it mean someone has access to our server and he has deleted the Logs ? (using this server since 2006)

    However , history has not removed and i couldn`t find any command which could deleted my logs ,

    it might be problem ? of course i couldn`t find anything in history but they could use MC to remove something

    just let me know how to "Last" logs could be deleted !!

    Thank You
     
    #1 jestin_virtual, Oct 10, 2009
    Last edited: Oct 10, 2009
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,618
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    In your WHM, top left, type in the word rotation. Click the single result shown to check your log rotation settings the system handles for you. Your logs may simply have been rotated.

    Older backed up logs for many things can be found in /var/log/ for example messages log is backed up to be messages.1 (or .2 .3 or .4)
     
    #2 Infopro, Oct 10, 2009
  3. jestin_virtual

    jestin_virtual Active Member

    Joined:
    Sep 2, 2009
    Messages:
    41
    Likes Received:
    0
    Trophy Points:
    56
    rotate has not been set in WHM !


    and also please check the below settings :


    [root@server /]# cat /etc/logrotate.conf
    # see "man logrotate" for details
    # rotate log files weekly
    weekly

    # keep 4 weeks worth of backlogs
    rotate 4

    # create new (empty) log files after rotating old ones
    create

    # uncomment this if you want your log files compressed
    #compress

    # RPM packages drop log rotation information into this directory
    include /etc/logrotate.d

    # no packages own wtmp -- we'll rotate them here
    /var/log/wtmp {
    monthly
    create 0664 root utmp
    rotate 1
    }

    # system-specific logs may be also be configured here.
    [root@server /]#
     
    #3 jestin_virtual, Oct 11, 2009
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    8
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    The symptoms described are normal and indicates that your OS' logrotate configuration was (by default) setup to automatically rotate (archive and optionally compress) old wtmp log data. You can check if you have older copies of the wtmp log using the following command via root SSH access:
    Code:
    # ls -al /var/log/wtmp*
    cPanel/WHM uses "cpanellogd" for its own log rotation features and does not change your OS' logrotate configuration. You may, however, view or modify your OS' logrotate configuration at any time, preferably after making appropriate backup copies.

    Here is the path to logrotate's configuration file(s):
    /etc/logrotate.conf
    /etc/logrotate.d/

    On a test system with CentOS v4, the wtmp log file is configured for rotation directly within logrotate.conf, but to help check where it may be on your system you can run the following command:
    Code:
    # grep -HinR "wtmp" /etc/logrotate.*
    Please reference the following related "man" (manual) pages for more verbose documentation:
    Code:
    # man last
# man wtmp
# man logrotate
     
    #4 cPanelDon, Oct 12, 2009
  5. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    8
    Trophy Points:
    168
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    The quoted logrotate configuration is normal and comes with your OS installation and specifically the logrotate software package, (not cPanel/WHM). The specific entry for "/var/log/wtmp" indicates your logrotate configuration is set to rotate the log data used by "last" on a monthly basis; this is why when using "last" it appeared to reset or only go back as far as the 1st day of the month.
     
    #5 cPanelDon, Oct 12, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Last command doesn`t
  1. James Hall

    Last Login IP From

    James Hall, Aug 11, 2017, in forum: Data Protection
    Replies:
    3
    Views:
    60
    cPanelMichael
    Aug 11, 2017
  2. Onklmaps

    "Last 300 Error Log" page blank

    Onklmaps, Jun 15, 2017, in forum: General Discussion
    Replies:
    12
    Views:
    230
    cPanelMichael
    Jun 19, 2017
  3. maestroc

    X-Spam-Last-External-IP is raising spam score

    maestroc, May 10, 2017, in forum: E-mail Discussions
    Replies:
    1
    Views:
    164
    Infopro
    May 10, 2017
  4. chris0147

    The last attempt to update cPanel & WHM was blocked

    chris0147, Apr 29, 2017, in forum: General Discussion
    Replies:
    9
    Views:
    315
    vacancy
    May 2, 2017
  5. Hasanhz

    The last attempt to update cPanel & WHM was blocked. Details

    Hasanhz, Feb 21, 2017, in forum: General Discussion
    Replies:
    2
    Views:
    358
    cPanelMichael
    Feb 22, 2017

Share This Page