Flipkart

Saturday, 18 March 2017

Everything about SymLink in Linux/Unix

This article provides detailed description of Symlink and Hardlink concepts in Linux(RedHat&Centos)/Unix with meaningful examples and useful images.

What is a Symlink?

A Symlink OR a soft link simply means to make a new name which is called as a symbolic link for an existing file or a directory keeping its original name and path untouched.

**We can create more than one symbolic link for a given file/directory to use the same file/directory in different applications or different programs at a time.

**A symbolic link can have any kind of permissions as it is just a reference to the original file/dir. So, only the permissions on original file/dir matter but not of the symbolic link.

**The ownership of the softlink/symbolic link does not matter too except for the case where the link needs to be removed.

To remove a soft link, user must have valid permissions for that link.

Uses of a symbolic or Soft Link:

=>Symbolic links are accessible across the file systems, which means a symbolic link can be created in one file system to a file which is in another partition or file system.

=>This is really useful to save the some amount of disk space as we can have multiple references at different locations to one file which can sit on a single location.

**Command to create a symlink is #ln -s  


Example:

Symlink to a Directory:

[root@server2 dir]# pwd
/server/dir
[root@server2 dir]# ls -lrth
total 4.0K
drwxr-xr-x 2 root root 4.0K Mar 1 11:40 test
[root@server2 dir]# cd test
[root@server2 test]# ls -lrth
total 0
-rw-r--r-- 1 root root 0 Mar 1 11:40 f1
-rw-r--r-- 1 root root 0 Mar 1 11:40 f2
[root@server2 test]# ln -s test test_symlink1
[root@server2 test]# ln -s test test_symlink2
[root@server2 test]# ln -s test test_symlink3
[root@server2 test]# ls -lrth
total 0
-rw-r--r-- 1 root root 0 Mar 1 11:40 f1
-rw-r--r-- 1 root root 0 Mar 1 11:40 f2
lrwxrwxrwx 1 root root 4 Mar 1 11:57 test_symlink1 -> test
lrwxrwxrwx 1 root root 4 Mar 1 11:57 test_symlink2 -> test
lrwxrwxrwx 1 root root 4 Mar 1 11:57 test_symlink3 -> test
If  you do a cd to any of the symlinks shown above, you will find the same data which is there in test directory. That's the magic of symlink. Same is true in the below example of a file as well.

 

Symlink to a file:

[root@server2 test]# ln -s f1 f1_symnlink1
[root@server2 test]# ln -s f1 f1_symnlink2
[root@server2 test]# ls -lrth
total 0
-rw-r--r-- 1 root root 0 Mar 1 11:40 f1
-rw-r--r-- 1 root root 0 Mar 1 11:40 f2
lrwxrwxrwx 1 root root 4 Mar 1 11:57 test_symlink1 -> test
lrwxrwxrwx 1 root root 4 Mar 1 11:57 test_symlink2 -> test
lrwxrwxrwx 1 root root 4 Mar 1 11:57 test_symlink3 -> test
lrwxrwxrwx 1 root root 2 Mar 1 11:58 f1_symnlink1 -> f1
lrwxrwxrwx 1 root root 2 Mar 1 11:58 f1_symnlink2 -> f1
[root@server2 test]#


What will happen if a symlink is removed?

As we already discussed, symlink or softlink or symbolic link is just a reference to the original file, absolutely there is no impact to the original file/directory with respect to their data if a symlink is removed.

How to remove a symlink?




A symlink can be removed just like a normal Linux/unix file with the below command.
#rm symlink_name

Worth Noting:

**Symlinks can be created to every file/dir to which you can locally access using the regular Linux file system commands  like #cd, # cat or #ls -lrth.

**That clarifies, a symlink cannot be created to a network location unless the network file/dir is mounted on your local system.

** A symlink can also be created to a file which is non-existent. That symlink is called "Dangling Link"


We will discuss about Hard Links in my next article and then see the differences between the two.

HAPPY LINUX LEARNING :)

Feel free to add any points that can be useful to make this article complete in the comments section.

Other Related Articles:
1.File System State is clean with errors in Linux
2.SCRIPT Monitor File System Usage/size in Linux

Easy search through Google:
Use the text in quotes shown below to get into my blog quickly from Google:

"linuxunixdatabase blogger"

Wednesday, 15 March 2017

TAR Command in LINUX/UNIX

In this Mid-Week article, I am going to share/remind few useful things that can be done using TAR command in Linux/UNIX.

What is TAR stands for?
Tape ARchive==> A Utility which helps to create single file called an ""archive" or a TAR file from number of individual files in Linux/UNIX.

->The contents of this archive can be only the names of the individual files used to create it but not the actual data those file have.

Creating an archive or a TAR file:

Example:

In the below example, I have created f1.out, f2.out and f3.out files with some text.

[root@server2]# ls -lrth
total 12K
-rw-r--r-- 1 root root 317 Mar 15 11:10 f1.out
-rw-r--r-- 1 root root 579 Mar 15 11:11 f2.out
-rw-r--r-- 1 root root 508 Mar 15 11:11 f3.out


Then I used below command to create a tar file which contains the above three files

[root@server2]# tar -cvzf File.tar.gz f1.out f2.out f3.out
f1.out
f2.out
f3.out

[root@server2]# ll
total 16
-rw-r--r-- 1 root root 317 Mar 15 11:10 f1.out
-rw-r--r-- 1 root root 579 Mar 15 11:11 f2.out
-rw-r--r-- 1 root root 508 Mar 15 11:11 f3.out
-rw-r--r-- 1 root root 857 Mar 15 11:17 File.tar.gz


File.tar.gz is the command file that was created using the above TAR command.

Why should we TAR a file?

In my experience I used TAR utility to move bunch of files in compressed mode up to the 1/3rd of the original size of the data with a single command.
==>So, suppose I have 10 files combined have a data of 30 GB, I can make a single TAR file that has a size of just 10 GB and move to the target

How to UnTAR an archive or a TAR file?

#tar -xvzf File.tar.gz
==>The above command gives you back the original files with their actual sizes in the target directory you wish either on local or on network.

Example:

[root@server2]# tar -xvzf File.tar.gz
f1.out
f2.out
f3.out

What other things TAR can do?



Scenario: Suppose you have received a TAR file from one of your superior or a colleague, but you want to know what that file actually has before opening that file. How?

#tar -tvf
==>The above command actually shows the names of the files that the above TAR file or archive has.

[root@server2]# tar -tvf File.tar.gz
-rw-r--r-- root/root       317 2017-03-15 11:10:27 f1.out
-rw-r--r-- root/root       579 2017-03-15 11:11:07 f2.out
-rw-r--r-- root/root       508 2017-03-15 11:11:29 f3.out


-So, if the files above seen are relevant to you, you can think of un-tarring the actual contents. If not, the file could be a malware or virus or anything that could be marked as danger.

Feel free to comment or add more details in the comment's section.

Little follow up work :
You can also break a big tar file into parts for easy uploads, just think of it or try to get the information :).

As always, refer man page of TAR to get required information.

#man tar

HAPPY LINUX LEARNING :)

Easy search from Google:  
Use the text in quotes shown below to get into my blog quickly:
"linuxunixdatabase blogger"

Friday, 10 March 2017

Network Routing in Linux (Centos&Red Hat) - It’s all Practical

Agenda:
To know what is Network Routing and to know HOW and WHERE routing in Linux/UNIX can be used.
What is a Network Routing:
Network Routing is a process on Linux and UNIX servers in which a system administrator configures or modifies a kernel structure called a routing table to define the network accessibility among the computers in two or more different networks.
In simple words,  suppose if I want to connect to a system which is in 172.168.1.1 network from 192.168.1.1 network. It is directly not possible to talk to a computer which is in a different network. Here comes the gateway concept. To connect to 172.168.1.1 network, we need to go and connect to its default gateway first which will route us further to the computers which are in its own network.
So, routing helps us to go and connect to the computers which are not in same network through gateways.
A routing table contains the information on how packets are to be forwarded among the computers in different networks.
How to see the present routing settings OR Routing Table on your Linux Server?
#route -n is the command which provides present routing details
Note: You must be ROOT user to be able to configure routs on your Server
#netstat -r was used earlier but now it’s completely obsolete program and the alternate for the same is # ip route
Example output:
[root@LinuxServer ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric      Ref     Use Iface
192.168.1.3     0.0.0.0         255.255.255.255 UH   0      0        0         usb0
x.x.x.x              0.0.0.0         255.255.255.0     U      0      0        0         eth2
172.1.1.1         0.0.0.0         255.255.252.0     U      0      0        0         eth10
172.0.0.0         0.0.0.0         255.255.230.0     U      0      0        0         eth3
0.0.0.0             x.x.x.x          0.0.0.0                 UG    0      0        0         eth2
[root@LinuxServer ~]#
It is necessary to know what each column is meant for in the above output to be able to configure further changes to your routing table as needed for you.
1.Destination⇒ This column represents the route from your Linux server to the target server. In this case, it is 192.168.1.13 in the first row.
2.Gateway⇒ This column has the information whether a gateway is used for the route specified. In this example, only the last row has used default gateway and rest of the routes do not a default gateway.
3.Genmask⇒ This column represents netmask of the interface for which route has been configured
Flags⇒ This column shows whether the route is up and whether Gateway was used for the connection. U->Up and G->Gateway
4.Iface⇒ This column has the interface name of our own Linux server through which a route has been established and supposed to work while connecting to other system in a different network.
Types of Network Routing:
There are two types of network routing. They are:
  1. Dynamic Routing
  2. Static Routing
Dynamic Routing:
A dynamic routing is generally used by an ISP who usually manages large number of network connections which may be difficult to discuss here.
Static Routing:
Static routing  is the one which we use in our enterprise networks.
 We have the commands #route and #ip route to add or delete the routs on your Linux server.
SCENARIO:
Let's take a scenario in which we need a routing change to be able to connect to a system from your Linux server.
Suppose the IP address of your server (server1) is 172.168.1.1 with netmask 255.255.255.0 on interface eth1.
And the server(server2) your aiming to connect has IP:192.168.1.1 with netmask 255.255.255.0 on interface eth1
Where can you find the above details? :)
1. #ifconfig -a is the command to see all the existing network interfaces on your Linux Server.
2. #ifconfig eth1 ==> is used to fetch the details only about eth1 interface.
Example:
#ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 01:89:A8:G8:4R:54
         inet addr:192.168.9.5  Bcast:192.168.99.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:190458 errors:0 dropped:0 overruns:0 frame:0
         TX packets:86768 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:150
         RX bytes:30701269 (29.3 Mb)  TX bytes:7878926 (1.9 Mb)
          Interrupt:9 Base address:0x5000   
 So, I now have a goal to establish a route in such a way that I should be able to connect to my server server1 to server2.
==>Command is the below to add a static route for the same on server1:
#route add -net 192.168.1.0 netmask 255.255.255.0 dev eth1
In the above line why did I use 192.168.1.0 instead of 192.168.1.1? Because I would like to be able to connect not only the system with th IP:192.168.1.1 but all the systems in this network.
So, If you have only one system in the target network, you can specify single IP address as well.
==>If the gateway for the network 192.168.1.0 is not added already, we use the below command to add the same:
#route add default gw 192.168.1.20  
If I want to route the connection from server1 to server2, we use the below command:
#route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.20
==>We can also set the flags to allow or reject the connections using #route command as shown below:  
#route add -net 10.1.1.0 netmask 255.0.0.0 reject
With the above command, I restricted access to 10.1.* network from my server.
IMPORTANT POINTS:
1).So far I have added all the routes from server1 to server2 which means, we get access from server1 to server2 but vice versa does not work until you add appropriate routes in server2.  So, game should be both the ways always :)
2).The routs which we usually add using the route commands like above will be vanished after the host reboot. How to make them persistent?
To add a persistent static route in Red Hat and Centos Linux, create a file called route- in the /etc/sysconfig/network-scripts/ directory like below:
 The file /etc/sysconfig/network-scripts/route-eth0 looks like below  
# cat /etc/sysconfig/network-scripts/route-eth0
ADDRESS0=192.168.1.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.1.20
ADDRESS1=172.16.1.1
NETMASK1=255.255.255.0
GATEWAY1=172.16.1.10  
There are different formats to put text in this file, the one which I chose seems to be a meaningful one.
->Once the above file is created, a network restart is required using the below command to make the changes working.
#service network restart
I hope you take system downtime from business while running the above command on your production server :)
How to Delete the existing route entries ?
You can use the same route command with del argument.
Example:
#route del -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.20
**Do not forget to comment out the lines in the route-ethx file for permanent changes
 
HAPPY LINUX LEARNING :)
 
Related Posts from Blog:
Easy search from Google:  
Use the text in quotes shown below to get into my blog quickly:
"linuxunixdatabases blogger"

Tuesday, 7 March 2017

How to Debug a Shell Script-(Linux&UNIX)

In this article, I will explain how to debug a shell script.
I am taking a script which was used in one of my previous articles that generates Alerts whenever /opt File System on your Red Hat/Centos Linux Server exceeds its usage 65%.

Below is the reference:
Shell SCRIPT to Monitor File System Usage/size in Linux

The script used to generate alerts is as shown below:
=====
#!/bin/sh
df -kh | grep "/opt" |  awk '{print $5" "$6}'|cut -d " " -f1 --output-delimiter='  '|tail -n 1 | while read Value;
do
  echo $Value
  fssize=$(echo $Value | awk '{ print $1}' | cut -d'%' -f1)

 if [ $fssize -ge 65 ]; then
mail -s "Alert: /opt is Almost out of disk space on Server `uname -n`, Needs Immediate Attention"
serversupport@domain.com
fi
done
======


 Now, how can a system administrator debug this script to make sure if it works fine before he deploys this script on his production Linux Server?

SCRIPT DEBUGGING:

 1.To start debugging any script, take meaning full lines or parts of a line from the above script which works in a command line and try to get the output for each meaningful Linux command of the script.

Output from my system for the above script is as below:

[root@server2 ~]# df -kh | grep "/opt"
/dev/sda7             7.8G  1.4G  6.1G  68% /opt


 [root@server2 ~]# df -kh | grep "/opt" |  awk '{print $5" "$6}'
68% /opt


[root@server2 ~]# df -kh | grep "/opt" |  awk '{print $5" "$6}'|cut
 -d " " -f1 --output-delimiter='  '
68%


[root@server2 ~]# df -kh | grep "/opt" |  awk '{print $5" "$6}'|cut -d " " -f1 --output-delimiter='  '|tail -n 1
68%

  • Tail command helps us especially if there are more than one lines in the output to select the last line
[root@server2 ~]# echo 18%| awk '{ print $1}' | cut -d'%' -f1
68


Since 68 > 65, script is bound to generate an alert for us.

IMPORTANT NOTE:
  • It is always a better idea to redirect the output of this script to a log file which can be viewed later if you want to track what the script did when this job was actually run.
So a modified Crontab entry would look like below:

CRON ENTRY:

##This job runs every 5 minutes to check file system usage
*/5 * * * * /home/admin/FSalerts.sh > /home/admin/FSalerts.log

 You can open the log file /home/admin/FSalerts.log anytime you wish and see what was the activity done when the job was actually run.

This file is useful to troubleshoot the issues with the script or Cron when you did not receive any alert even if the FS usage exceeded your set threshold.

HAPPY LINUX LEARNING :)

Friday, 3 March 2017

/var/log/messages log file in Linux (Red Hat and Centos)

**********Logs in Linux (Centos&RedHat) - PART1**********

Click here: Logs in Linux (Centos&RedHat) - PART2
Click here: Logs in Linux (Centos&RedHat) - PART3

There are different log files available on Red Hat and Centos Linux Servers for different information like for kernel activities, services running on the Linux server and the applications that are deployed on the server.

This article is dedicated for the log file which I like most and has plenty of information about the system and various issues is /var/log/messages especially from a enterprise infra maintenance of a Linux Server point of view.

After reading the details below you will surely come to know how and what to look for in /var/log/messages log file which will help you to fix various Issues in Linux.

/var/log/messages log file is basically a read only file for users as the data is written to this file by system itself.

 You can use tools such as more, less, head, tail or vi to view the contents of this file.

Example:

#tail -n 5 /var/log/messages

Feb 2 07:35:44 server1 cib: [22388]: info: cib_stats: Processed 7 operations (5714.00us average, 0% utilization) in the last 10min
Feb 2 07:37:29 server1 PowerPath: Management Component: Warning: Cannot retrieve devices from MPAPI.
Feb 2 07:45:44 server1 cib: [22388]: info: cib_stats: Processed 7 operations (2857.00us average, 0% utilization) in the last 10min
Feb 2 07:47:29 server1 PowerPath: Management Component: Warning: Cannot retrieve devices from MPAPI.
Feb 2 07:55:44 server1 cib: [22388]: info: cib_stats: Processed 8 operations (5000.00us average, 0% utilization) in the last 10min


This file mainly has details about server startup/shutdown logs, messages related to storage functionality which is attached to server, local file system related errors, network ports link status, server restart time and cluster related messages if your server is in cluster.

I would suggest one has to look into /var/log/messages for issues like abrupt system reboot, SAN file system hung, fsck errors of local file systems  and network connectivity issues etc..to find a  reason for the issue.

There will be bunch of logs in the file  but the trick is to match  the time at which issue was first noticed and time stamp in the log file.

Look for the logs before and after around  that time frame.

Trace from /var/log/messages for different issues:

1. PowerPath: Management Component: Warning: Cannot retrieve devices from MPAPI.
                                      OR
    kernel: sd 3:0:0:0: SCSI error: return code = 0x00010000

This message indicates an issue with EMC storage that may be attached to server or just recently removed incorrectly from server.

 Fix:

Check the status of SAN file systems using #df -kh command whether the FS is healthy and read/write operation is possible.
Also check for other messages related to this issue in /var/log/messages till we get a conclusion of the issue.

2. kernel:eth0: link status is down

This message shows that the network interface eth0 is currently down and needs action to fix the issue.

 Fix:

Refer my other post below to troubleshoot network issues on Linux servers.
http://linuxunixdatabase.blogspot.com/2017/02/linuxunix-network-troubleshooting.html

3. If you see something like file system is corrupted or has errors

Refer my other post below to troubleshoot the fs related errors

http://linuxunixdatabase.blogspot.com/2017/02/file-system-state-is-clean-with-errors.html

4. Feb 19 04:02:02 server1 syslogd 1.4.1: restart.
This message actually indicates syslogd restart time. In my experience, I have seen this message shows the time lines which is very close to the server reboot.

For exact time of Linux Server restart, use the below command:

[root@server1 ]# last | grep boot
reboot   system boot  2.6.18-308.el5   Sat Nov 19 09:38         (97+00:06)
reboot   system boot  2.6.18-308.el5   Sat Oct 22 10:49         (27+23:33)


You may see many other issues while you are working, please feel free to post the issues here. I can surely get something interesting for you accordingly.

Click here: Logs in Linux (Centos&RedHat) - PART2
Click here: Logs in Linux (Centos&RedHat) - PART3

HAPPY LINUX LEARNING :)

Logs in Linux (Centos&RedHat) - PART2


This week's article from My blog is about must know Linux(RHEL/CentOS/Fedora) logs apart from /var/log/messages which was covered in Logs in Linux (Centos&RedHat) - PART1 .

 As you might already have noticed, my blog gives preference to practical implementation of the knowledge rather than just putting it down on a paper.
 
 
Below are the list of logs which can be used on daily basis by an enterprise Linux System Administrator and by the people who is fond of Linux to fix various issues on a Linux Server :). 

1. /var/log/maillog:


This log gives the information about the mail server application which is deployed on your Linux server.


 Different mail servers  that can be deployed on a Linux Servers are:
 
1.Mutt – Command Line Email Client (default in Linux)
2.Sendmail
3.Qmail
4.Postfix
5.Alpine
6.Exim
7.Zimbra
 
Entries in /var/log/maillog file are usually like below:
 
Feb 21 04:05:01 Server1 sendmail[1120]: v1Q9916l008142: from=username, size=374, class=0, nrcpts=1, msgid=<2017022119263 .v1q9916l008142="" server1.domainname.com="">, relay=username@localhost
 
Feb 21 04:10:01 server1 sendmail[1953]: v1a0d1rc019730: from=, size=647, class=0, nrcpts=1, msgid=<201702210905 .v1a0d1rc019730="" server1.domainname.com="">, proto=ESMTP, daemon=MTA, relay=username [127.0.0.1]
 
Feb 21 04:10:01 server1 sendmail[1246]: v1Q9x2vg319764: to=username, ctladdr=username (27341/674), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30374, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (v1Q9x2vg319764 Message accepted for delivery) 
 
The above lines show, at what time the message was sent or received, server name, the mail server deployed on Linux, message ID, message size, protocol (Usually SMTP) and relay(Mail server) used for the message to be sent/received. 
server1   ⇒ Linux Servername;
sendmail ⇒ is mail server  that was deployed on my Linux Server;
v1Q9916l008142⇒ message id

 When do you look into maillog?


 1.If mails are not sending or receiving as expected or mails are not at all working

2.If mail sending and receiving is delayed
3.If you see mail server is not accepting the connections message when you try to send an email
4.To see if any spamming is happening or if the messages are still in Queue
5. Just to make sure no other errors and warnings are present in the logs as a regular practise to keep your mail server moving without any disruption. 

Symptoms to doubt in maillog: 


  • Rejecting connections
Fix:  Make sure your smtp server which is configured in /etc/mail/sendmail.cf is reachable and functioning
  • unable to qualify my own domain name (localhost)
Fix:  Add the below line to make this work
(Replace server1 with your server name)
127.0.0.1  server1 localhost.localdomain localhost  

2. /var/log/lastlog:

 

This log file is a data file unlike other log files which are  text files.So, we cannot directly read this file using vi/more/vim/tail/head/cat like commands.
[root@server1 ~]# file /var/log/lastlog
/var/log/lastlog: data
[root@server1 ~]# file /var/log/secure
/var/log/secure: ASCII text
  • Linux has provided #lastlog command to get the readable details from /var/log/lastlog file.
  • #lastlog command gives the details about most recent login of all users or of a given user
Sample Output of #lastlog command is as below:
 
allen                               **Never logged in**
ntp                                 **Never logged in**
appuser           pts/1     Fri Sep 16 15:35:56 -0400 2016
albert            pts/0    192.168.1.1      Wed Mar 16 22:35:05 -0400 2016
general           pts/0    192.168.2.1     Fri Mar 30 22:02:26 -0400 2012
ftp_user          pts/2    x.x.x.x      Wed Jun 25 14:16:06 -0400 2014 
 
In the above output, first column represents username, third column shows the source system from where user jumped onto the target server and the last column shows the most recent login time of the user. 
 
We can get the logon details of a particular user as well like below:
 
[root@server1 ~]# lastlog -u abc
Username         Port     From                         Latest
abc              pts/2    anotherserver.domain.com  Wed Feb  5 10:55:13 -0500 2017
 
 
PURPOSE OF THIS FILE:
 
  1. The output from this file/command can be used to track user’s recent login details or what users visited the server in the recent past.
  2. This file will NOT have any errors, so can be treated as an informative file and rarely used in any troubleshooting.
 
Last but not least,Linux Man Page is available for #lastlog command 

3. /var/log/wtmp:


 This file is also a data file like /var/log/lastlog.

Linux has provided #last OR #lastb commands to read this file to get required information.
However, in some cases, the file /var/log/wtmp may not be present as defined in admin’s local configuration. 
PURPOSE OF THE COMMAND #LAST:
 
  1. #last command displays a list of all users logged in (and out) on the Linux Server
  2. Use #last command to find out easily who was logged in at a particular time (need to specify that time with -t ).
  3. No need to bother about the data file(wtmp) anytime as we have last available readily.
  4. To find out server’s last reboot time details  
Sample output of the command#last: 
root        pts/2        192.168.1.1         Wed Jan 14 10:05 - 11:28  (00:23)
root        pts/0        192.168.1.2         Wed Jan 14 09:29 - 9:11   (00:42)
root        pts/0        server2.domain.com  Tue Jan 13 01:02 - 09:13  (02:11)
appuser   pts/3        192.168.1.4         Mon Jan 12 14:54 - 11:05  (03:11)
admin pts/0        server1.domain.com   Thu Jan  8 00:04 - 00:07  (00:00)
 
Column1 =>Username
Column2=>tty
Column3=>jump server from where user logged onto our Linux Server
Column4=>User logon time
 
IMPORTANT POINT:
 
The pseudo username “reboot” logs in each time the system is rebooted for any reason. So the command  “#last reboot” will show a log of all reboots or at least the last 5 reboots of server which is very useful to troubleshoot any server availability related issues.
 
[root@server3 ~]# last reboot
reboot   system boot  2.6.18-308.el5   Tue Jun 2  09:33         (247+19:50)
reboot   system boot  2.6.18-308.el5   Thu Jan 1  23:47         (529+08:41)
reboot   system boot  2.6.18-274.3.1.e Thu Jan 09 23:29          (00:12)
reboot   system boot  2.6.18-194.26.1. Thu Jan 17 23:13          (00:12)
reboot   system boot  2.6.18-194.26.1. Thu Jan 12 22:29          (00:38)
**There is #lastb command as well which exclusively shows only the logins which are failed or the so called bad logins. 
------------------------------------THE END OF PART2-----------------------------------

HAPPY LINUX LEARNING :)
Click here: Logs in Linux (Centos&RedHat) - PART1
Click here: Logs in Linux (Centos&RedHat) - PART2
Click here: Logs in Linux (Centos&RedHat) - PART3