
If you spend a lot of time in a Linux environment, it is essential that you know where the log files are located, and what is contained in each and every log file. When your systems are running smoothly, take some time to learn and understand the content of the various log files, which will help you when there is a crisis and you have to look through the log files to identify the issue.

etc/nf controls what goes inside some of the log files. For example, following is the entry in nf for /var/log/messages.

    *.info;mail.none;authpriv.none;cron.none    /var/log/messages

*.info indicates that all logs with type INFO will be logged. mail.none,authpriv.none,cron.none indicates that those error messages should not be logged into the /var/log/messages file. You can also specify *.none, which indicates that none of the log messages will be logged.

The following are the 20 different log files that are located under the /var/log/ directory. Some of these log files are distribution specific. For example, you'll see dpkg.log on Debian based systems (for example, on Ubuntu).

/var/log/messages – Contains global system messages, including the messages that are logged during system startup. There are several things that are logged in /var/log/messages including mail, cron, daemon, kern, auth, etc.

/var/log/dmesg – Contains kernel ring buffer information. When the system boots up, it prints a number of messages on the screen that display information about the hardware devices that the kernel detects during the boot process. These messages are available in the kernel ring buffer, and whenever a new message comes the old message gets overwritten. You can also view the content of this file using the dmesg command.

/var/log/auth.log – Contains system authorization information, including user logins and the authentication mechanisms that were used.

/var/log/boot.log – Contains information that is logged when the system boots.

/var/log/daemon.log – Contains information logged by the various background daemons that run on the system.

/var/log/dpkg.log – Contains information that is logged when a package is installed or removed using the dpkg command.

/var/log/kern.log – Contains information logged by the kernel. Helpful for you to troubleshoot a custom-built kernel.

/var/log/lastlog – Displays the recent login information for all the users. You should use the lastlog command to view the content of this file.

/var/log/maillog /var/log/mail.log – Contains the log information from the mail server that is running on the system. For example, sendmail logs information about all the sent items to this file.

/var/log/user.log – Contains information about all user level logs.

/var/log/Xorg.x.log – Log messages from X.

/var/log/alternatives.log – Information from update-alternatives is logged into this log file. On Ubuntu, update-alternatives maintains symbolic links determining default commands.

/var/log/btmp – This file contains information about failed login attempts. Use the last command to view the btmp file. For example, "last -f /var/log/btmp | more".

/var/log/cups – All printer and printing related log messages.

/var/log/anaconda.log – When you install Linux, all installation related messages are stored in this log file.

/var/log/yum.log – Contains information that is logged when a package is installed using yum.

/var/log/cron – Whenever the cron daemon (or anacron) starts a cron job, it logs the information about the cron job in this file.

/var/log/secure – Contains information related to authentication and authorization privileges. For example, sshd logs all the messages here, including unsuccessful login.

/var/log/wtmp or /var/log/utmp – Contains login records. Using wtmp you can find out who is logged into the system. The who command uses this file to display the information.

/var/log/faillog – Contains user failed login attempts.
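
The selector entry for /var/log/messages discussed on this page, evaluated in code. This is an added example, not part of the original article; it assumes the standard semicolon-separated syslog selector form, handles only plain priorities, `*` and `none` (the `=` and `!` modifiers are left out), and uses constructed sample events.

```python
# Added example (not from the original article): decide which messages a
# syslog selector line sends to its file. Assumption: only plain priorities,
# "*" and "none" are handled; "=" and "!" modifiers are not.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

# Selector for /var/log/messages in standard semicolon-separated form.
MESSAGES_SELECTOR = "*.info;mail.none;authpriv.none;cron.none"

def selector_matches(selector, facility, priority):
    """Return True if a message with this facility and priority is logged."""
    level = PRIORITIES.index(priority)
    logged = False
    for part in selector.split(";"):          # parts apply left to right
        facilities, _, wanted = part.strip().partition(".")
        names = facilities.split(",")
        if "*" not in names and facility not in names:
            continue                          # part does not cover this facility
        if wanted == "none":
            logged = False                    # excludes the facility entirely
        elif wanted == "*":
            logged = True                     # every priority
        else:
            # a plain priority means "this level or more severe"; a later
            # part replaces whatever an earlier part decided
            logged = level >= PRIORITIES.index(wanted)
    return logged

# Constructed sample events: (facility, priority, text)
SAMPLE = [
    ("authpriv", "info", "sshd: Failed password for root from 192.0.2.10"),
    ("kern", "warning", "kernel: device eth0 entered promiscuous mode"),
    ("mail", "err", "sendmail: delivery failed"),
    ("cron", "info", "CROND: (root) CMD (run-parts /etc/cron.hourly)"),
    ("daemon", "debug", "ntpd: poll interval adjusted"),
    ("daemon", "info", "ntpd: time server selected"),
]

def lands_in_messages(events, selector=MESSAGES_SELECTOR):
    """Return the events that the selector writes to /var/log/messages."""
    return [e for e in events if selector_matches(selector, e[0], e[1])]

if __name__ == "__main__":
    for facility, priority, text in lands_in_messages(SAMPLE):
        print(f"{facility}.{priority}: {text}")
```

The sshd failure is dropped by authpriv.none, so failed logins have to be looked for in /var/log/secure (or /var/log/auth.log), not in /var/log/messages.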