Monitoring Real-time user logins in ubuntu

Sponsored Link
Whowatch is an console, interactive users and process monitoring tool.It displays information about the users currently logged on to the machine, in real-time. Besides standard informations (login name, tty,host, userâs process), the type of the connection (ie. telnet or ssh) is shown. Display of users command line can be switch to tty idle time. Certain user can be selected and his processes tree may be viewed as well as tree of all system processes. Tree may be displayed with additional column that shows owner of each process. In the process tree mode SIGINT and SIGKILL signals can be sent to the selected process. Killing processes is just as simple and fun as deleting lines on the screen.

Install whowatch in ubuntu

sudo apt-get install whowatch

This will install all the required packages for whowatch

Using whowatch

Whowatch has no command line options or configuration file.

If you want to open the whowatch you need to run the following command

whowatch

Now you should see similar to the following screen

All actions are performed in real time by pressing following keys

up,down -- cursor movement

i -- toggle between user command line and idle time

c -- full command line on/off. Disabling full command line can save CPU time. It can give you also some additional information about process executable.

enter -- view selected users processes tree.

t -- all system processes (init tree)

Tree mode:

up,down -- cursor movement

enter -- go back to users list

o -- show processes owners

c -- full command line on/off. Disabling full command line can save CPU time. It can give you also some additional information about process executable.

Ctrl-I -- send INT signal to selected process

Ctrl-K -- send KILL signal to selected process

s -- It will provide the system details

d -- Details about the user

Sponsored Link

Incoming search terms:

Related posts

2 thoughts on “Monitoring Real-time user logins in ubuntu

  1. Is it possible to make whowatch log information? Even temporarily? I realize this will effect performance but I think I have someone who may be logging in for malicious purposes. Any help is appreciated.

    [Reply]

Leave a comment

Your email address will not be published. Required fields are marked *