Linux: How to verify unexpected system restarts

In Linux, you can verify system restarts and view reboot history using various commands and log files. Here are some methods to check and verify system restarts:

  1. Using the last Command: The last command displays a list of system login entries and system shutdown/reboot times. To view reboot history, run:
    • last reboot
      The output will show a list of system reboot times, who initiated the reboot, and from which terminal or IP address it occurred.
  2. Checking System Logs: System logs contain information about system events, including reboots. The /var/log/messages or /var/log/syslog file typically contains reboot information. You can use grep to filter the relevant entries:
    • grep 'reboot' /var/log/messages
      or
    • grep 'reboot' /var/log/syslog
      This will display lines indicating system reboots along with timestamps.
  3. Using the uptime Command: The uptime command provides information about system uptime, including the current time, how long the system has been up, and the number of logged-in users. The load average values can also give you an idea if the system recently restarted:
    • uptime
      If the system uptime is low, it suggests a recent restart.
  4. Checking the /var/log/wtmp File: The /var/log/wtmp file contains a record of all logins and logouts, including system reboots. You can use the last command with the -f option to view this file:
    • last -f /var/log/wtmp
      This will display a more detailed history of logins, logouts, and reboots.
  5. Using Audit Logs (if configured): If you have the auditd service configured and running, it may log system events, including reboots, in /var/log/audit/audit.log. You can use the ausearch and aureport commands to search for and report on reboot events in the audit log.
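
Methods 1 and 4 read the same wtmp records, and those records can also separate a planned restart from an unexpected one: a boot with no shutdown record written before it means the previous session ended without a clean shutdown. The script below is an added example, not part of the original article; it assumes the default column layout of last -x (the util-linux option that also lists shutdown entries), and the function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: label each boot found in `last -x` output (newest first,
# read from stdin) by whether a shutdown record was written before it.
classify_boots() {
    awk '
        # Keep only the boot and shutdown pseudo-user records.
        ($1 == "reboot" || $1 == "shutdown") && $2 == "system" { rec[++n] = $0 }
        END {
            prev = ""
            # last prints newest first, so walk the saved records backwards.
            for (i = n; i >= 1; i--) {
                split(rec[i], f, " ")
                if (f[1] == "shutdown") { prev = "shutdown"; continue }
                if (prev == "shutdown")    status = "CLEAN"       # shutdown logged first
                else if (prev == "reboot") status = "UNEXPECTED"  # no shutdown in between
                else                       status = "UNKNOWN"     # oldest record in the file
                printf "%s boot at %s %s %s %s\n", status, f[5], f[6], f[7], f[8]
                prev = "reboot"
            }
        }'
}

# Constructed sample in the default `last -x` layout (not from a real host).
sample_last_output() {
    cat <<'EOF'
reboot   system boot  5.15.0-91-generic Wed Jan 17 03:12   still running
alice    pts/0        192.0.2.10       Tue Jan 16 09:00 - crash  (18:12)
reboot   system boot  5.15.0-91-generic Tue Jan 16 08:30 - 03:12  (18:42)
shutdown system down  5.15.0-91-generic Tue Jan 16 08:29 - 08:30  (00:01)
runlevel (to lvl 5)   5.15.0-91-generic Mon Jan 15 07:01 - 08:29 (1+01:28)
reboot   system boot  5.15.0-91-generic Mon Jan 15 07:00 - 08:29 (1+01:29)

wtmp begins Mon Jan 15 07:00:02 2024
EOF
}

# On a live system: last -x | classify_boots
sample_last_output | classify_boots
```

An UNEXPECTED result only says that no shutdown record exists between two boots (power loss, kernel panic, hard reset); the cause still has to come from the system or audit logs around that timestamp.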

These methods should help you verify system restarts and identify when and why they occurred. The choice of method may depend on your specific needs and the availability of logs on your system.
