
CentOS Lesson 12: Log records and log management

ruzgar

Log files are one of the most important parts of a system. With log files, you can find out who logged into the system, see program error messages and error types, spot jobs that went wrong, and take action. Many problems are solved by inspecting log files.

In CentOS, log files are saved in the /var/log folder.

Over SSH we can enter the log folder with the following command:
Code:
cd /var/log
As you can see, many log files are kept in the system. You can see the files with the ls command as follows.

centos_log_files.png

The records of the processes running on the system are located in the messages file. You can follow the system in real time with the following command:

Code:
tail -f /var/log/messages

This command shows attacks on the system and activity in it as they happen. Press Ctrl + C to stop viewing and exit.

centos_log_tracking.png

If you are wondering what happened on your server, you can check the following areas:

Enter the /var/log/message folder:

  • cron.log: Cron job logs
  • boot.log: System boot logs
  • utmp: User login records
  • yum.log: Yum installation logs
  • auth.log: User login and authorization records
  • kern.log: Kernel logs
  • mail.log: Mail server logs
  • mysqld.log: MySQL server logs
  • secure.log: Identity logs
  • fail.log: Failed login logs
  • apport.log: Application error logs
  • daemon.log: Logs of system services
  • debug: Logs used for debugging
  • syslog: System message service logs
  • proftpd: Logs of the FTP service

Most of the time it doesn't make sense to open the whole log file in the SSH window. It is more practical to fetch only the last x records. For example:
Code:
tail -n 10 error.log
will fetch the last 10 records of the error file.

To view remotely connected users in the system:

Code:
# lastlog reads /var/log/lastlog and prints each account's most recent login and its source host
lastlog
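
The "last x records" idea above can be combined with a filter to show which addresses are failing to log in. The following is an added example, not part of the original post: the function names, the sample records and the addresses are constructed, and it assumes sshd's usual "Failed password for USER from ADDRESS port N ssh2" record format, which CentOS writes to /var/log/secure.

```shell
#!/usr/bin/env bash
# Added example: count failed SSH password attempts per source address
# in the last N records of an sshd log (on CentOS: /var/log/secure).

# failed_logins_by_ip FILE [N]
# Prints "COUNT ADDRESS" lines, highest count first, for the last N records
# of FILE (default 1000).
failed_logins_by_ip() {
    tail -n "${2:-1000}" -- "$1" | awk '
        /sshd\[[0-9]+\]: Failed password for / {
            # The user name is chosen by the remote side and may itself be
            # "from", so search backwards: the last "from" precedes the address.
            for (i = NF - 1; i >= 1; i--)
                if ($i == "from") { count[$(i + 1)]++; break }
        }
        END { for (ip in count) print count[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample records (documentation address ranges, not real hosts).
write_sample_log() {
    cat > "$1" <<'EOF'
Mar  4 10:01:11 web1 sshd[2101]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar  4 10:01:14 web1 sshd[2101]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar  4 10:02:02 web1 sshd[2110]: Accepted password for deploy from 198.51.100.20 port 40022 ssh2
Mar  4 10:02:40 web1 sshd[2115]: Failed password for invalid user from from 203.0.113.7 port 51200 ssh2
Mar  4 10:03:05 web1 sshd[2120]: Failed password for deploy from 192.0.2.44 port 38811 ssh2
Mar  4 10:03:09 web1 CROND[2125]: (root) CMD (/usr/lib64/sa/sa1 1 1)
EOF
}

# Demo run on the constructed sample; on a server, pass /var/log/secure instead.
sample=$(mktemp)
write_sample_log "$sample"
failed_logins_by_ip "$sample" 100
rm -f "$sample"
```

An address with a high count in a short window is a candidate for blocking or rate limiting; successful logins and non-sshd records are ignored by the filter.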
 