What is the purpose of the command 'lastb' in Linux?

The command 'lastb' in Linux serves the specific purpose of displaying bad login attempts. It reads from the "/var/log/btmp" file, which keeps a record of unsuccessful login attempts on the system. This utility is particularly useful for system administrators to monitor potential unauthorized access attempts and to help identify malicious activity.

By using 'lastb', administrators can enhance their security measures by analyzing patterns of failed logins—such as repeated attempts from a specific IP address—allowing them to take proactive steps to secure the system. Having this information helps in detecting attacks, such as brute force attacks, and can inform decisions about configuring firewalls, adjusting security policies, or implementing additional protections like account lockout mechanisms.

The other options focus on different aspects of system management that do not relate directly to tracking bad login attempts. For instance, viewing system logs, showing real-time logs, or configuring log rotation are important tasks but are performed with different commands and utilities, making 'lastb' uniquely suited for the specific task of monitoring failed login attempts.