🧭 LastLog-Audit

Analyzing system login activities.
A Python tool to analyze and export login activity from /var/log/lastlog for security.

📜 Table of Contents

Click to collapse/expand

1. 📖 About
2. 🛠️ Installation
3. 🎮 Usage
4. 🤝 Contributing
5. 📜 License
6. 📞 Contact

📖 About

LastLog-Audit is a lightweight Python tool designed to parse and analyze system login activity stored in /var/log/lastlog.

Originally built for personal use and professional system audits, this tool offers customizable output (table/line) and export options (TXT/CSV) for easy reporting, tracking, and compliance.

⚙️ Note: LastLog-Audit is a simple, focused tool — perfect for quick audits and reviews.

⚙️ Features of LastLog-Audit

• ✅ Parse /var/log/lastlog and extract login records (terminal, hostname, last login date).
• ✅ Optionally include usernames mapped via system UID.
• ✅ Multiple output modes: clean table view or line output (easy for grep/awk parsing).
• ✅ Export to TXT or CSV formats for archiving and sharing reports.

(🔼 Back to top)

🚀 Installation

Before getting started, make sure you meet the following prerequisites.

Prerequisites

1. Python 3: Ensure Python 3 is installed on your system.

2. Dependencies: No external libraries required.

LastLog-Audit relies only on Python's standard library — ready to use out-of-the-box on any modern Linux system (Python 3.7+).

⚙️ Optional: For Python 3.6 support, you may install the backport of dataclasses via pip install dataclasses.

⚠️ Note: LastLog-Audit has been tested on Python 3.11.10 under Linux. While it might work on other versions or operating systems, compatibility is officially guaranteed only for this specific setup.

Installation Methods

1. Clone the repository via Git:

git clone https://github.com/franckferman/LastLog-Audit.git

2. Direct download of the script (without Git): If you only need the script without cloning the entire repository:

curl -O https://raw.githubusercontent.com/franckferman/LastLog-Audit/stable/src/LastLog-Audit.py

(🔼 Back to top)

🎮 Usage

Make sure to adjust the commands based on your setup.

Basic usage

To display the full help menu and explore available options:

python3 LastLog-Audit.py --help

📝 Example Commands

Task	Command
Parse and display lastlog in a table	python3 LastLogAudit.py
Show logins in a simple line format	python3 LastLogAudit.py --display line
Include usernames (if available)	python3 LastLogAudit.py --include-username
Export to CSV	python3 LastLogAudit.py --export output.csv --export-format csv
Export to TXT (table format)	python3 LastLogAudit.py --export output.txt
Parse a custom lastlog file	python3 LastLogAudit.py --file /path/to/custom_lastlog

(🔼 Back to top)

🤝 Contributing

We truly appreciate and welcome community involvement. Your contributions, feedback, and suggestions play a crucial role in improving the project for everyone. If you're interested in contributing or have ideas for enhancements, please feel free to open an issue or submit a pull request on our GitHub repository. Every contribution, no matter how big or small, is highly valued and greatly appreciated!

(🔼 Back to top)

📚 License

This project is licensed under the GNU Affero General Public License, Version 3.0. For more details, please refer to the LICENSE file in the repository: Read the license on GitHub

(🔼 Back to top)

📞 Contact

(🔼 Back to top)