Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/franckferman/lastlog-audit

A Python tool to analyze and export login activity from /var/log/lastlog for security.
https://github.com/franckferman/lastlog-audit

forensic forensic-tools forensics forensics-tools lastlog lastlogin lastlogontimestamp linux linux-logs linux-python linux-security linux-security-audit logs logs-analysis parser-python python python-3 python-linux python-linux-audit python3

Last synced: 10 months ago
JSON representation

A Python tool to analyze and export login activity from /var/log/lastlog for security.

Awesome Lists containing this project

README 

          



[![Contributors][contributors-shield]](https://github.com/franckferman/LastLog-Audit/graphs/contributors)

[![Stargazers][stars-shield]](https://github.com/franckferman/LastLog-Audit/stargazers)

[![License][license-shield]](https://github.com/franckferman/LastLog-Audit/blob/stable/LICENSE)





  LastLog-Audit Logo




🧭 LastLog-Audit




    Analyzing system login activities.

    


    A Python tool to analyze and export login activity from /var/log/lastlog for security.







## 📜 Table of Contents



  Click to collapse/expand

  
    

        
  1. 📖 About
    2. 

        
  2. 🛠️ Installation
    3. 

        
  3. 🎮 Usage
    4. 

        
  4. 🤝 Contributing
    5. 

        
  5. 📜 License
    6. 

        
  6. 📞 Contact
    7. 

      



## 📖 About



**LastLog-Audit** is a lightweight Python tool designed to **parse and analyze system login activity** stored in `/var/log/lastlog`.



Originally built for personal use and professional system audits, this tool offers **customizable output** (table/line) and **export options (TXT/CSV)** for easy reporting, tracking, and compliance.



> ⚙️ **Note:** LastLog-Audit is a simple, focused tool — perfect for quick audits and reviews.



### ⚙️ **Features of _LastLog-Audit_**



- ✅ Parse `/var/log/lastlog` and extract login records (terminal, hostname, last login date).

- ✅ Optionally **include usernames** mapped via system UID.

- ✅ **Multiple output modes**: clean **table view** or **line output** (easy for grep/awk parsing).

- ✅ **Export to TXT or CSV** formats for archiving and sharing reports.



(🔼 Back to top)



## 🚀 Installation



Before getting started, make sure you meet the following prerequisites.



### Prerequisites



1. **Python 3**: Ensure Python 3 is installed on your system.



2. **Dependencies**: No external libraries required.



LastLog-Audit relies **only on Python's standard library** — ready to use out-of-the-box on any modern Linux system (Python 3.7+).



> ⚙️ Optional: For Python 3.6 support, you may install the backport of `dataclasses` via `pip install dataclasses`.



> ⚠️ Note: LastLog-Audit has been tested on Python 3.11.10 under Linux. While it might work on other versions or operating systems, compatibility is officially guaranteed only for this specific setup.



### Installation Methods



1. **Clone the repository via Git**:

```bash

git clone https://github.com/franckferman/LastLog-Audit.git

```



2. **Direct download of the script (_without Git_)**:

If you only need the script without cloning the entire repository:

```bash

curl -O https://raw.githubusercontent.com/franckferman/LastLog-Audit/stable/src/LastLog-Audit.py

```



(🔼 Back to top)



## 🎮 Usage



Make sure to adjust the commands based on your setup.



### **Basic usage**



To display the full help menu and explore available options:



```bash

python3 LastLog-Audit.py --help

```



### 📝 **Example Commands**



| Task | Command |

| --- | --- |

| Parse and display lastlog in a table | `python3 LastLogAudit.py` |

| Show logins in a simple line format | `python3 LastLogAudit.py --display line` |

| Include usernames (if available) | `python3 LastLogAudit.py --include-username` |

| Export to CSV | `python3 LastLogAudit.py --export output.csv --export-format csv` |

| Export to TXT (table format) | `python3 LastLogAudit.py --export output.txt` |

| Parse a custom lastlog file | `python3 LastLogAudit.py --file /path/to/custom_lastlog` |



(🔼 Back to top)



## 🤝 Contributing



We truly appreciate and welcome community involvement. Your contributions, feedback, and suggestions play a crucial role in improving the project for everyone. If you're interested in contributing or have ideas for enhancements, please feel free to open an issue or submit a pull request on our GitHub repository. Every contribution, no matter how big or small, is highly valued and greatly appreciated!



(🔼 Back to top)



## 📚 License



This project is licensed under the GNU Affero General Public License, Version 3.0. For more details, please refer to the LICENSE file in the repository: [Read the license on GitHub](https://github.com/franckferman/LastLog-Audit/blob/stable/LICENSE)



(🔼 Back to top)



## 📞 Contact



[![ProtonMail][protonmail-shield]](mailto:contact@franckferman.fr)

[![LinkedIn][linkedin-shield]](https://www.linkedin.com/in/franckferman)

[![Twitter][twitter-shield]](https://www.twitter.com/franckferman)



(🔼 Back to top)



[contributors-shield]: https://img.shields.io/github/contributors/franckferman/LastLog-Audit.svg?style=for-the-badge

[contributors-url]: https://github.com/franckferman/LastLog-Audit/graphs/contributors

[stars-shield]: https://img.shields.io/github/stars/franckferman/LastLog-Audit.svg?style=for-the-badge

[stars-url]: https://github.com/franckferman/LastLog-Audit/stargazers

[license-shield]: https://img.shields.io/github/license/franckferman/LastLog-Audit.svg?style=for-the-badge

[license-url]: https://github.com/franckferman/LastLog-Audit/blob/stable/LICENSE

[protonmail-shield]: https://img.shields.io/badge/ProtonMail-8B89CC?style=for-the-badge&logo=protonmail&logoColor=blueviolet

[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=for-the-badge&logo=linkedin&colorB=blue

[twitter-shield]: https://img.shields.io/badge/-Twitter-black.svg?style=for-the-badge&logo=twitter&colorB=blue