1
00:00:00,000 --> 00:00:01,930
[No audio]

2
00:00:01,930 --> 00:00:03,094
Let's see monitor users.

3
00:00:03,142 --> 00:00:05,814
We have created them, now we have to manage them,

4
00:00:05,852 --> 00:00:09,906
because that's one of the basic job for any system

5
00:00:09,968 --> 00:00:15,022
administrators or engineer or systems guy to monitor the

6
00:00:15,046 --> 00:00:17,960
users, what they are doing in our system.

7
00:00:18,470 --> 00:00:22,610
Some of the commands to monitor those users are who.

8
00:00:22,610 --> 00:00:25,026
who tells you who is logged in into the system.

9
00:00:25,148 --> 00:00:30,762
last, w, finger, and id.

10
00:00:30,956 --> 00:00:32,338
These are the few commands.

11
00:00:32,374 --> 00:00:35,118
There are many other commands as well, but these

12
00:00:35,144 --> 00:00:38,034
are the few basic commands that are mostly used

13
00:00:38,192 --> 00:00:41,866
in Linux environment where you can monitor users.

14
00:00:41,998 --> 00:00:45,138
Let's look at our Linux machine by going into our

15
00:00:45,164 --> 00:00:48,980
Linux console and run these commands to practice them.

16
00:00:48,980 --> 00:00:53,070
[No audio]

17
00:00:53,070 --> 00:00:57,190
Okay, we are logged in, let's clear our screen and see

18
00:00:57,300 --> 00:01:01,382
who we are, good, we are ourselves, and we are in our directory.

19
00:01:01,466 --> 00:01:04,358
And of course now you should know to type hostname,

20
00:01:04,453 --> 00:01:08,220
and our hostname is the name of our system.

21
00:01:09,150 --> 00:01:10,500
Let's clear this.

22
00:01:11,310 --> 00:01:15,300
The first command is who. who is going to tell you

23
00:01:16,170 --> 00:01:19,500
how many people are logged in, and their user ID,

24
00:01:19,890 --> 00:01:23,698
their terminal ID, and the time they were logged in.

25
00:01:23,844 --> 00:01:27,550
So I have logged in in my console, in my GUI

26
00:01:28,170 --> 00:01:31,930
with column 0, and I have opened up a terminal right here.

27
00:01:31,980 --> 00:01:36,635
It tells me the pts is the terminal, /0, and the time I opened it up.

28
00:01:37,812 --> 00:01:42,784
If I wanted to open up another window,

29
00:01:43,950 --> 00:01:45,742
so if you do right click and Open

30
00:01:45,816 --> 00:01:49,310
Terminal, so you open up another terminal.

31
00:01:49,430 --> 00:01:52,510
Now when you type who, it should show

32
00:01:52,560 --> 00:01:56,618
you three terminals that says iafzal..

33
00:01:56,654 --> 00:02:01,430
What if I log in as spiderman?

34
00:02:01,550 --> 00:02:04,358
So let's go to our PuTTY terminal

35
00:02:04,394 --> 00:02:06,120
and put in our IP address.

36
00:02:06,810 --> 00:02:11,940
I believe it's 192.168.56.101,

37
00:02:11,940 --> 00:02:15,910
sorry 56.101.

38
00:02:15,910 --> 00:02:18,362
You could check that by again

39
00:02:18,436 --> 00:02:20,898
running the command ifconfig.

40
00:02:21,054 --> 00:02:22,000
There you go.

41
00:02:23,590 --> 00:02:26,594
So we'll open that. Now

42
00:02:26,632 --> 00:02:29,750
this time we log into, login as spiderman.

43
00:02:29,750 --> 00:02:37,559
[Author typing]

44
00:02:37,559 --> 00:02:38,570
Okay.

45
00:02:38,570 --> 00:02:42,320
And now let's clear the screen and check.

46
00:02:42,320 --> 00:02:44,450
[No audio]

47
00:02:44,450 --> 00:02:51,402
Now you see we have 4. 1, 2, 3, 4, and

48
00:02:51,416 --> 00:02:53,626
the fourth one is used by spiderman.

49
00:02:53,818 --> 00:02:56,022
So this is the main function

50
00:02:56,096 --> 00:02:57,706
or main purpose of the command

51
00:02:57,778 --> 00:03:02,418
who. The reason we run this command who all the

52
00:03:02,444 --> 00:03:04,830
time, or most of the time is when there is

53
00:03:04,940 --> 00:03:07,794
a very high load in the system and you want

54
00:03:07,832 --> 00:03:11,600
to see how many people are logged into the system.

55
00:03:13,310 --> 00:03:16,760
Next command we're going to learn is last.

56
00:03:16,760 --> 00:03:21,090
[Author typing]

57
00:03:21,090 --> 00:03:23,400
Let's close the one in the back.

58
00:03:23,400 --> 00:03:30,730
[Author typing]

59
00:03:30,730 --> 00:03:35,382
last command tells you all the details of every users

60
00:03:35,406 --> 00:03:37,574
that have been logged in since the day one.

61
00:03:37,612 --> 00:03:40,466
So when you type last, hit enter, you see

62
00:03:40,528 --> 00:03:42,902
everything comes up in the screen so fast.

63
00:03:43,036 --> 00:03:44,786
I wanted to see one page at a

64
00:03:44,788 --> 00:03:46,682
time, then how do I do that?

65
00:03:46,756 --> 00:03:50,500
You do last, pipe it, and more it.

66
00:03:51,670 --> 00:03:53,726
And this will tell you the last time

67
00:03:53,788 --> 00:03:55,554
the user that logged in is spiderman.

68
00:03:55,602 --> 00:03:58,482
Of course, this is the name, this is the user

69
00:03:58,506 --> 00:04:00,614
that I logged in and this is the time I

70
00:04:00,652 --> 00:04:02,802
logged in and it's telling you it is still logged

71
00:04:02,826 --> 00:04:06,198
in and it tells you every user that's been logged

72
00:04:06,234 --> 00:04:09,162
in and every user who's been logged in and rebooted

73
00:04:09,186 --> 00:04:11,920
the system and whatever happened to the system.

74
00:04:13,150 --> 00:04:17,378
So let's say if your system reboots or shuts down

75
00:04:17,464 --> 00:04:22,550
or crashes unexpectedly, and you suspect someone was logged in

76
00:04:22,720 --> 00:04:25,610
and you wanted to see what time they logged in,

77
00:04:25,660 --> 00:04:28,958
which IP they used to log into, what date and

78
00:04:28,984 --> 00:04:31,780
time they logged in, all the information is here.

79
00:04:32,524 --> 00:04:36,926
If you wanted to see the first column of

80
00:04:36,988 --> 00:04:44,150
your output of last, this is your last, right? last,

81
00:04:44,260 --> 00:04:45,782
and you run that and you want to

82
00:04:45,796 --> 00:04:47,958
see only the first column, all the usernames

83
00:04:47,994 --> 00:04:51,280
only, then what command you would run.

84
00:04:51,670 --> 00:04:53,322
This is a kind of pop quiz.

85
00:04:53,346 --> 00:05:00,200
You do last, pipe it, awk, dollar one,

86
00:05:01,850 --> 00:05:03,474
and you get the first one.

87
00:05:03,572 --> 00:05:05,794
Now you just wanted to remove the duplicates,

88
00:05:05,842 --> 00:05:06,920
then what do you do?

89
00:05:07,490 --> 00:05:12,618
You do sort, that sorts out, and you

90
00:05:12,644 --> 00:05:17,166
type uniq. There you go, and then you will see only

91
00:05:17,228 --> 00:05:18,798
these other users have been logged in.

92
00:05:18,824 --> 00:05:20,818
iafzal, reboot,

93
00:05:20,974 --> 00:05:24,162
that's also a protocol that is

94
00:05:24,236 --> 00:05:26,026
used to log in, spiderman,

95
00:05:26,098 --> 00:05:28,906
and there's another user wtmp.

96
00:05:29,098 --> 00:05:32,298
Another command that we learned is w. w works pretty

97
00:05:32,324 --> 00:05:35,214
much the same as who, but it will give

98
00:05:35,252 --> 00:05:38,934
you a little more information than who gives you.

99
00:05:39,032 --> 00:05:42,018
The login time, the idle time, and what are

100
00:05:42,044 --> 00:05:44,722
these processes being run by what user.

101
00:05:44,806 --> 00:05:46,400
So it gives you a little more detail.

102
00:05:47,030 --> 00:05:50,490
The next one is finger. When you run finger,

103
00:05:51,350 --> 00:05:56,634
now finger command is the command that is added to

104
00:05:56,672 --> 00:05:59,854
your system. So it does not come with your distribution,

105
00:05:59,902 --> 00:06:00,882
you have to add it.

106
00:06:00,896 --> 00:06:03,260
It's a program, it's a very powerful program.

107
00:06:03,770 --> 00:06:07,518
It basically does the trace of your user, where

108
00:06:07,544 --> 00:06:09,774
it's coming from, what kind of protocol it's using.

109
00:06:09,872 --> 00:06:11,994
So you could need to install that.

110
00:06:12,152 --> 00:06:14,600
So we will leave that out for now.

111
00:06:14,600 --> 00:06:21,930
[No audio]

112
00:06:21,930 --> 00:06:23,940
The next one is id.

113
00:06:25,050 --> 00:06:28,078
When you hit id without the username, it will give

114
00:06:28,104 --> 00:06:31,894
you the information about your own self. Your username, your

115
00:06:31,932 --> 00:06:35,674
group id, and what part of other groups you are.

116
00:06:35,832 --> 00:06:39,562
If you run id, and you do spiderman, then it

117
00:06:39,576 --> 00:06:41,774
will give you the information about the other users.

118
00:06:41,882 --> 00:06:44,498
So these are the few commands to monitor the users.

119
00:06:44,534 --> 00:06:46,618
I hope you will remember them and

120
00:06:46,644 --> 00:06:49,042
I hope you will practice them. Again,

121
00:06:49,116 --> 00:06:50,638
the way to practice is to

122
00:06:50,664 --> 00:06:52,354
run them with different options.

123
00:06:52,512 --> 00:06:55,270
And how do you find the option, is by

124
00:06:55,320 --> 00:06:59,566
running man, and do who, and you will find different

125
00:06:59,748 --> 00:07:04,078
options and I would highly urge you to please

126
00:07:04,164 --> 00:07:07,200
use different options just for practice.

127
00:07:07,200 --> 00:07:08,373
[No audio]