If you manage any Linux machines, it is essential that you know where the log files are located, and what is contained in them. Some log files are distribution specific, and this directory can also contain logs for applications such as samba, apache, lighttpd, mail etc.

From a security perspective, here are 5 groups of files which are essential. Many other files are generated and will be important for system administration and troubleshooting.

a) /var/log/messages – Contains global system messages, including the messages that are logged during system startup. There are several things that are logged in /var/log/messages including mail, cron, daemon, kern, auth, etc.

a) /var/log/auth.log – Contains system authorization information, including user logins and the authentication mechanisms that were used.
b) /var/log/lastlog – Displays the recent login information for all the users. You should use the lastlog command to view the content of this file.
c) /var/log/btmp – This file contains information about failed login attempts. Use the last command to view the btmp file. For example, “last -f /var/log/btmp | more”
d) /var/log/wtmp or /var/log/utmp – Contains login records. Using wtmp you can find out who is logged into the system. The who command uses this file to display the information.
e) /var/log/faillog – Contains user failed login attempts. Use the faillog command to display the content of this file.
f) /var/log/secure – Contains information related to authentication and authorization privileges. For example, sshd logs all the messages here, including unsuccessful login.

b) /var/log/maillog /var/log/mail.log – Contains the log information from the mail server that is running on the system. For example, sendmail logs information about all the sent items to this file.

a) /var/log/daemon.log – Contains information logged by the various background daemons that run on the system.
b) /var/log/cups – All printer and printing related log messages.
c) /var/log/cron – Whenever the cron daemon (or anacron) starts a cron job, it logs the information about the cron job in this file.

a) /var/log/dpkg.log – Contains information that is logged when a package is installed or removed using the dpkg command.
b) /var/log/yum.log – Contains information that is logged when a package is installed using yum.

b) /var/log/Xorg.x.

Verify any paths specified in the stage and pipe definitions. Note that a path specified in the pipe definition is appended to any path in the stage definition. If event messages are getting received and forwarded, then query the load activity history for the target table.