Pure-Python library to decode/read utmp and wtmp files https://pypi.org/project/utmp/

python

Go to file

Henning Jacobs 111297d808 v21.10.0		2021-10-06 19:53:07 +02:00
tests	add first test and argparse	2014-11-13 23:02:22 +01:00
utmp	v21.10.0	2021-10-06 19:53:07 +02:00
.gitignore	add first test and argparse	2014-11-13 23:02:22 +01:00
LICENSE.txt	add LICENSE.txt (#4 )	2020-11-10 07:34:28 +01:00
MANIFEST.in	add requirements.txt to sdist	2014-11-14 19:15:34 +01:00
README.rst	add first test and argparse	2014-11-13 23:02:22 +01:00
requirements.txt	initial commit	2014-11-13 22:33:45 +01:00
setup.py	v20.10.0	2020-10-03 15:46:46 +02:00
tox.ini	initial commit	2014-11-13 22:33:45 +01:00

README.rst

utmp

Pure-Python library to decode/read utmp and wtmp files. Please note that there is an alternative library which uses the underlying C API: pyutmp

This package requires Python 3.4.

What is utmp/wtmp?

utmp, wtmp, btmp and variants such as utmpx, wtmpx and btmpx are files on Unix-like systems that keep track of all logins and logouts to the system.

The utmp file keeps track of the current login state of each user. The wtmp file records all logins and logouts history. The btmp file records failed login attempts.

On Linux the wtmp and btmp files are usually located in the /var/log/ directory.

Usage

The utmp.read function decodes a binary utmp/wtmp stream and yields record objects:

with open('/var/log/wtmp', 'rb') as fd:
    buf = fd.read()
    for entry in utmp.read(buf):
        print(entry.time, entry.type, entry)