To reference Veera's comment on my answer, I'll post the content behind the JIRA link here:

There is no out of box implementation of such feature. The hmc offers several hook methods where you can simply add your logic and do some log4j entries there which could be configured to a specific file or what ever.

In your extension you have a java file names *extensionname*HMCExtension.java in hmc package. Here you can implement several hook methods for hmc e.g. The logins into & logouts from HMC

Login:

 public void notifySessionBegin(...)

Logout:
Here (see above) you have the JaloSession as parameter and you can register there when this session is destroyed.

 @Override
 public void notifySessionBegin(DisplayState displayState, JaloSession jaloSession, HttpServletRequest request) {
     super.notifySessionBegin(displayState, jaloSession, request);
     LOGGER.info("New Sesstion begins for: " + jaloSession.getUser().getUID());
 }

Also: Implement the JaloSessionListener in *yourextension*Manager.java. You will get three additional methods:

• beforeSessionClose

• afterSessionCreation

• afterSessionUserChange

The important method is beforeSessionClose, here you can do something like that: if (JaloSession.getCurrentSession().getAttribute("is.hmc.session") != null) { System.out.println("User logout: " + JaloSession.getCurrentSession().getUser().getName()); } Also, as you are probably aware, hMC is based on so called Chips. The chip which reflects the login process is called MainChip. There, in the transferSession method contains the logic for login into hMC.

 protected void transferSession(final JaloSession jaloSession, final String login, final String password) throws JaloSecurityException {
     final Map props = new HashMap();
     props.put(JaloSession.LoginProperties.LOGIN, login);
     props.put(JaloSession.LoginProperties.PASSWORD, password);
  
     if (login == null || "".equals(login)) {
         final LoginToken token = UserManager.getInstance().getLoginToken(getDisplayState().getRequest());
 
         if (token == null) {
             postErrorMessage(getDisplayState().getLocalizedString(INCORRECT_LOGIN_PASSWORD_OR_TOKEN_NOT_FOUND));
             setAutoLogin(false);
             return;
         } else {
             props.put(LoginToken.URL_PARAMETER_KEY, token);
             props.put(JaloSession.LoginProperties.LOGIN, null);
             setAutoLogin(true);
         }
     }
 
     try {
         jaloSession.setUser(UserManager.getInstance().getAnonymousCustomer());
         jaloSession.transfer(props, true);
     } catch (final JaloInvalidParameterException e) {
         UserManager.getInstance().deleteLoginTokenCookie(getDisplayState().getRequest(), getDisplayState().getResponse());
         throw new JaloInvalidParameterException(e.getCause() == null ? e : e.getCause(), e.getErrorCode());
     } catch (final JaloSecurityException e) {
         UserManager.getInstance().deleteLoginTokenCookie(getDisplayState().getRequest(), getDisplayState().getResponse());
         throw new JaloSecurityException(e, e.getErrorCode());
     }
 }

Technically, you can override this chip and place you logic inside the method to hook into login process. Then you would have to change the mainChip.jsp file also which contains the line:

 MainChip theChip = (MainChip) request.getAttribute(AbstractChip.CHIP_KEY);

To get you chip. But this involves changing the files in platform itself so you should consider that. I hope that will help.

Best Regards,
Luke, referencing the good work done by Piotr

Hi Chaitanya,

The "Last Login" feature was disabled by default in a late version 4 of hybris.

It was disabled to improve performance. If you have lots of customers or employees logging in, that putting the database under pressure.

You really gotta ask yourself, how important is noting the "Last Login" of every user, in the scheme of your project?

If you want to enable it please follow the instructions in SUP-5799 - Enabling HMC Login Timestamp.

I hope this is useful to you,
Luke