Most of the log files are located at
/var/log/
btmp, utmp, wtmp
last -f /var/log/btmp | more
last
recent login information for all the users
lastlog
/var/log/secure contains information about authentication and authorization
auth.log
maillog
