linux-failed-logins

Retrieves the log of failed login attempts from the /var/log/btmp file.

Syntax

linux-failed-logins [ignore-error=BOOL]
Optional Parameter
ignore-error=BOOL
Boolean option to handle error when the /var/log/btmp file cannot be read (default: f).
  • t: Exits gracefully if an error occurs
  • f: Fails if an error occurs

Description

After running the linux-system-files command, the output fields are as follows:

Output Fields

FieldTypeDescription
_timeDateLast failed login time
src_ipIPv4 addressRemote IP address from which login was attempted
userStringUser ID