Home Linux Commands How to Check Linux Commands History by Dates

How to Check Linux Commands History by Dates

The history command in Linux is used to view previously executed commands from the terminal. It will show a list of commands, with an ‘id’ next to each command.

[ You might also like: 3 Useful Tips on How to Use History Command in Linux ]

View History Last Executed Linux Commands

The historically run commands are stored in a dedicated file by the Linux shell.

$ history 
View History of Commands Run in Terminal
View History of Commands Run in Terminal

Set History Date and Time for Each Command

The history command also stores the date and time of executing the command, however, does not, by default, show the time of execution of past commands.

To make history show the date as well, we need to set the global variable HISTTIMEFORMAT in the shell to the appropriate format, which can be done using the export command as follows:

$ export HISTTIMEFORMAT='%F %T'
$ history
Set History Timestamps for Each Linux Command
Set History Timestamps for Each Linux Command

View Linux Command History by Date

Now, you can pipe the above history command output to ‘grep‘ to get a history of commands executed on a particular date.

$ history | grep '2021-01-25'
View History Commands by Date
View History Commands by Date

Similarly, you can also filter the output for multiple key dates.

$ history | grep -E '2021-01-25|2021-01-23'
View History Commands by Date Range
View History Commands by Date Range

Using this way, you can specify the dates as patterns for the last 'N' days, or some other combination of dates, and thus get command history for all those dates.

For example, to get command history from the last third to last the fifth date, you can use:

$ history | grep -E '2021-01-23|2021-01-22|2021-01-21'

Now, when we export the variable ‘HISTTIMEFORMAT‘ to the shell profile from the command line, it is exported just for the session, i.e., till the time the terminal is running, after which the variable is removed from the shell profile.

Permanently Set History Date and Time for Each Command

To permanently add the variable to the shell profile, add the export statement to your shell profile file (every command from which runs at the start of a shell).

For example, in the case of ‘Bash‘, run the following to export the variable permanently.

$ export HISTTIMEFORMAT='%F %t' >> ~/.bash_profile

If the file .bash_profile exists, the operator '>>‘ will append the export statement to the file, otherwise, it creates the file and writes the statement.

Conclusion

In this article, we have learned how to check the command history of the last few days in Linux. For more information on the history command, make sure you check out its command line manual page by running:

$ man history

Thanks for reading and let us know your questions or thoughts in the comments below!

Ravi Saive
I am an Experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies. Founder of TecMint.com, LinuxShellTips.com, and Fossmint.com. Over 150+ million people visited my websites.

Each tutorial at UbuntuMint is created by a team of experienced writers so that it meets our high-quality standards.

Was this article helpful? Please add a comment to show your appreciation and support.

1 thought on “How to Check Linux Commands History by Dates”

  1. I would like to see how some experts peruse secure and messages file to filter out IP addresses that failed ssh logins.

    I wrote a simple bash script that does that then using gawk to isolate the failed IP Address. Then create a firewall rule to refuse that IP access. I could also use /etc/hosts.deny ALL:ALL.

    Reply

Got something to say? Join the discussion.

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published or shared. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.