I‘m running RHEL on HP server. This server allows to login to reset of the LAN from the Internet. How do I find out failed login records under Linux operating systems?
You need to use the faillog command to see the all failed login attempts. Linux records failed login into a special database at /var/log/faillog. To see contents of the failure log database at /var/log/faillog use faillog command. The same command can be used for
ADVERTISEMENTS
- Set the failure counters.
- Set or configure the limits.
- Display failed login information.
More About /var/log/faillog File
The /var/log/faillog maintains a count of login failures and the limits for each account. The file is binary format with the following the structure of the file:
struct faillog { short fail_cnt; short fail_max; char fail_line[12]; time_t fail_time; long fail_locktime; }; |
You cannot view the structure using the cat command:
# cat /var/log/faillog
So you need to use the faillog command to display this binary file records.
faillog Command Examplesdescribed in our previous tutorial. To display failed login attempts for user tom, enter:
# faillog -u usernameHere
# faillog -u tom
To display failed login attempts for all users, enter:
# faillog -a
To display faillog records more recent than 5 days, enter:
# faillog -t 5 -u tom 🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook •
2 comments... add one ↓
UP NEXT
How to Create a new user account in CentOS 7/8
Linux and Unix dig Command Examples
cat command in Linux / Unix with Examples
Linux Configure Firewall Using Shorewall Under RHEL / CentOS
How To Patch and Protect Linux Server Against the Glibc GHOST Vulnerability # CVE-2015-0235
Linux and Unix Test Disk I/O Performance With dd Command
Understanding /var/account/pacct OR /var/account/acct - Acct File Format
# faillog -u tom
- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook • 2 comments... add one ↓
- How to Create a new user account in CentOS 7/8
- Linux and Unix dig Command Examples
- cat command in Linux / Unix with Examples
- Linux Configure Firewall Using Shorewall Under RHEL / CentOS
- How To Patch and Protect Linux Server Against the Glibc GHOST Vulnerability # CVE-2015-0235
- Linux and Unix Test Disk I/O Performance With dd Command
- Understanding /var/account/pacct OR /var/account/acct - Acct File Format
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Hi Vivek,
Your articles are quite precise and good. Often Google lands me to your page :).
I appreciate you for devoting your time and energy crafting them.
Cheers!
Would you be able to include an example of output of the “faillog” command, with description of the fields?