WATCHFMT. Like the various prompt parameters, many useful escape sequences can be used...
Straight from the man page... (almost)
%n The name of the user that logged in/out. %a The observed action, i.e. "logged on" or "logged off". %l The line (tty) the user is logged in on. %M The full hostname of the remote host. %m The hostname up to the first `.'. If only the IP address is available or the utmp field contains the name of an X-windows display, the whole name is printed. NOTE: The `%m' and `%M' escapes will work only if there is a host name field in the utmp on your machine. Otherwise they are treated as ordinary strings. %S (%s) Start (stop) standout mode. %U (%u) Start (stop) underline mode. %B (%b) Start (stop) boldface mode. %t or %@ The time, in 12-hour, am/pm format. %T The time, in 24-hour format. %w The date in `day-dd' format. %W The date in `mm/dd/yy' format. %D The date in `yy-mm-dd' format.
This is very similar to the conditional tests in prompt strings.
x evaluates to true, format
print it. If
evaluates to false, format
false-text instead and print it.
:'s can actually be any arbitrary character. The
x is one of 'l'', 'n', 'm', 'M', or 'a'. These letrers
evaluate to true if their corresponding escape sequence maps to a
non-empty value. (IE, if
%l evaluates to an empty string,
l is false in the conditional test. If
%l is not empty,
l is true.)
is a special case, often quite useful. It evaluates to true if the
event is a login event, and false if the event is a logout event.
A few notes: