The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Last command doesn`t show all connections

Discussion in 'General Discussion' started by jestin_virtual, Oct 10, 2009.

  1. jestin_virtual

    jestin_virtual Active Member

    Joined:
    Sep 2, 2009
    Messages:
    41
    Likes Received:
    0
    Trophy Points:
    6
    Hello !

    i have 10 websites based on WHM , we are not selling share hosting and using server only for our company`s websites

    i have never removed my Logs and i didn`t update Apache for long time !

    when i check the "Last "Command all logs has started from 1st-Oct is it mean someone has access to our server and he has deleted the Logs ? (using this server since 2006)

    However , history has not removed and i couldn`t find any command which could deleted my logs ,

    it might be problem ? of course i couldn`t find anything in history but they could use MC to remove something

    just let me know how to "Last" logs could be deleted !!

    Thank You
     
    #1 jestin_virtual, Oct 10, 2009
    Last edited: Oct 10, 2009
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    In your WHM, top left, type in the word rotation. Click the single result shown to check your log rotation settings the system handles for you. Your logs may simply have been rotated.

    Older backed up logs for many things can be found in /var/log/ for example messages log is backed up to be messages.1 (or .2 .3 or .4)
     
  3. jestin_virtual

    jestin_virtual Active Member

    Joined:
    Sep 2, 2009
    Messages:
    41
    Likes Received:
    0
    Trophy Points:
    6
    rotate has not been set in WHM !


    and also please check the below settings :


    [root@server /]# cat /etc/logrotate.conf
    # see "man logrotate" for details
    # rotate log files weekly
    weekly

    # keep 4 weeks worth of backlogs
    rotate 4

    # create new (empty) log files after rotating old ones
    create

    # uncomment this if you want your log files compressed
    #compress

    # RPM packages drop log rotation information into this directory
    include /etc/logrotate.d

    # no packages own wtmp -- we'll rotate them here
    /var/log/wtmp {
    monthly
    create 0664 root utmp
    rotate 1
    }

    # system-specific logs may be also be configured here.
    [root@server /]#
     
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    The symptoms described are normal and indicates that your OS' logrotate configuration was (by default) setup to automatically rotate (archive and optionally compress) old wtmp log data. You can check if you have older copies of the wtmp log using the following command via root SSH access:
    Code:
    # ls -al /var/log/wtmp*
    cPanel/WHM uses "cpanellogd" for its own log rotation features and does not change your OS' logrotate configuration. You may, however, view or modify your OS' logrotate configuration at any time, preferably after making appropriate backup copies.

    Here is the path to logrotate's configuration file(s):
    /etc/logrotate.conf
    /etc/logrotate.d/

    On a test system with CentOS v4, the wtmp log file is configured for rotation directly within logrotate.conf, but to help check where it may be on your system you can run the following command:
    Code:
    # grep -HinR "wtmp" /etc/logrotate.*
    Please reference the following related "man" (manual) pages for more verbose documentation:
    Code:
    # man last
    # man wtmp
    # man logrotate
     
  5. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    The quoted logrotate configuration is normal and comes with your OS installation and specifically the logrotate software package, (not cPanel/WHM). The specific entry for "/var/log/wtmp" indicates your logrotate configuration is set to rotate the log data used by "last" on a monthly basis; this is why when using "last" it appeared to reset or only go back as far as the 1st day of the month.
     
Loading...

Share This Page