Is anyone aware of any osquery work/extensions for getting data from

/var/log/lastlog

on Linux? The

last

table is great, but it only seems to consult the

/var/log/wtmp

file, which is often rotated such that it may not preserve last login times for all users.