I need to monitor the active users at present from my system. I have around 300 users in the password file. And I am sure around 100 of them may be old users (means they are either not using my system or they already left the company). I need to track
a- how many current users are there on my system this month?
b- how many were there in the last month?
c- how many were there in month before that?

Because we have file system problem time to time we compress our wtmp & btmp files.

Please give a better solution to solve this problem.
Thank you very much in advance for the unix wizards.
Who is Participating?
alextrConnect With a Mentor Commented:
Since you must use "last" command to have simle solution on it you should decompress your wtmpx file and for example you could perform this command
last | grep <Month> | awk '{print $1}' | sort | uniq
to obtain month you could extract it from "date" command. I hope it helps.
rinameAuthor Commented:
Please try to give an answer asap.
try this...... (I did it in tcsh so that the * would break out)

cd /home
finger -s *

If that gives you a report of all your users and the last time they were in then you've got a good start. Grep for the month you want and pipe it thru WC with an L switch for line count which will give you a quick count.
cd /home
finger -s * | grep "Jun " |wc -l  

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

forgot to mentiont aht the asterisk is using the home dir names for a list of who to finger. If "finger -s name" is an option but the asterisk trick doesnt work then let me know and I will do a longer version for you to get a list of users.

why don't you use the who command on the wtmp file?

IE: who /etc/wtmp
chevi      pty/ttyfa    Jun 30 16:02
chevi      pty/ttyfb    Jun 30 16:03
chevi      pty/ttyf3    Jun 30 16:14
chevi      pty/ttyf3    Jun 30 16:15
chevi      pty/ttyf1    Jun 30 16:51
chevi      pty/ttyf1    Jun 30 17:07
chevi      pty/ttyf1    Jun 30 17:46
chevi      pty/ttyf1    Jun 30 18:09
icbiret    pty/ttyf1    Jul  1 08:01
root       ttyp1        Jul  1 08:23
chevi      pty/ttyf1    Jul  1 08:36
chevi      pty/ttyf1    Jul  1 08:50
icbcet1    pty/ttyf2    Jul  1 08:51
chevi      pty/ttyf1    Jul  1 09:33
chevi      pty/ttyf2    Jul  1 09:35
root       ttyp2        Jul  1 09:39
chevi      pty/ttyf1    Jul  1 10:31
chevi      pty/ttyf2    Jul  1 10:31
chevi      pty/ttyf1    Jul  1 11:10
root       ttyp2        Jul  1 11:43

that gives the login, the tty and the date


rinameAuthor Commented:
It works fine. Excellent.

 last | grep Jul | awk '{print $1}' | sort | uniq | wc -l

finger -s * | grep "Jun" | wc -l

The finger command (from another well wisher) gives slightly different answer. can you pls elaborate.

Thank you very much.

I think with finger you cannot have good results.
Then using * you have no good information. I tried but it didn't return info related on logged users.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.