JP Vossen on 22 Jan 2008 16:15:40 -0800 |
> On Jan 22, 2008 10:50 AM, Ron Kaye <rkaye2@csc.com> wrote: >> i am looking for a shutdown and/or reboot history. [...] > Date: Tue, 22 Jan 2008 11:33:12 -0500 > From: "David Colon" <dcolon@dcolon.org> > > wtmp stores that. grep reboot /var/log/wtmp. Depending on how your > log rotation is setup, you might only have a day or so of history. If > you still have older wtmp files in /var/log [wtmp.1, wtmp.2, etc], > then you can apply the grep to those. grep reboot /var/log/wtmp* Except that wtmp is usually in some binary format, so grep won't work. But that's what the 'last' command is for, so 'last reboot' might work. Unless wtmp as aged, as David notes. # last reboot reboot system boot 2.6.8-2-686 Tue Jan 22 19:02 (00:09) reboot system boot 2.6.8-2-686 Thu Jan 10 16:47 (12+02:13) Other things to try: * man last (it can be a bit fancier, and as noted there may be more than 1 file to check). * The 'uptime' command will tell you how long you've been up, then you can do the math. * Some "Logcheck" programs (like the Debian/Ubuntu one) send you email right after a reboot. a) that might solve your problem or b) it'll give you things to look for. That's what I did to a test machine to get the list below. Logcheck is a terribly handy program to be using anyway. * I think there is a related Vixie-cron facility that might be worth a look too. * Otherwise, some things to looks for in /var/log/messages and/or /var/log/syslog are as follows. Note that they may have false positives, as when logrotate restarts syslog, for example. Shutdown: 'shutting down for system reboot' # I suspect this is *best* 'Switching to runlevel: ' # 6 or 0? 'Kernel log daemon terminating' 'mysqld: Normal shutdown' 'InnoDB: Starting shutdown' 'stopping the Postfix mail system' Startup: 'Inspecting /boot/System.map' 'BIOS-provided physical RAM map' 'Calibrating delay loop' 'InnoDB: Started' HTH, JP ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| jp{at}jpsdomain{dot}org My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- Microsoft has single-handedly nullified Moore's Law. Innate design flaws of Windows make a personal firewall, anti-virus and anti-malware software mandatory. The resulting software arms race has effectively flattened Moore's Law on hardware running Windows. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|