December 6, 2016

Linux System Logging

www.linuxconfig.net
Bash Script - linuxconfig.net
i am a new Linux consumer. I would like to recognise where are the log documents located beneath Debian/Ubuntu or CentOS/RHEL/Fedora Linux server? How do I open or view log files on Linux running structures?

Almost all logfiles are located under /var/log directory and its sub-directories on Linux. You can change to this directory using the cd command. You need be the root user to view or access log files on Linux or Unix like operating systems. You can use the following commands to see the log files:

  1. less command
  2. more command
  3. cat command
  4. grep command
  5. tail command
  6. zcat command
  7. zgrep command
  8. zmore command


How do I view log files on Linux?

Open the Terminal or login as root user using ssh command. Go to /var/log directory using the following cd command:
# cd /var/log

To view a common log file called /var/log/messages use any one of the following command:
# less /var/log/messages
# more -f /var/log/messages
# cat /var/log/messages
# tail -f /var/log/messages
# grep -i error /var/log/messages

Common Linux log files names and usage

  • /var/log/messages : General message and system related stuff
  • /var/log/auth.log : Authenication logs
  • /var/log/kern.log : Kernel logs
  • /var/log/cron.log : Crond logs (cron job)
  • /var/log/maillog : Mail server logs
  • /var/log/qmail/ : Qmail log directory (more files inside this directory)
  • /var/log/httpd/ : Apache access and error logs directory
  • /var/log/lighttpd/ : Lighttpd access and error logs directory
  • /var/log/boot.log : System boot log
  • /var/log/mysqld.log : MySQL database server log file
  • /var/log/secure or /var/log/auth.log : Authentication log
  • /var/log/utmp or /var/log/wtmp : Login records file
  • /var/log/yum.log : Yum command log file.


A note about rsyslogd
All of the above logs are generated using rsyslogd service. It is a system utility providing support for message logging. Support of both internet and unix domain sockets enables this utility to support both local and remote logging. You can view its config file by tying the following command:
# vi /etc/rsyslog.conf
# ls /etc/rsyslog.d/

In short /var/log is the location where you should find all Linux logs file. However, some applications such as httpd have a directory within /var/log/ for their own log files. You can rotate log file using logrotate software and monitor logs files using logwatch software.


Previous Post
Next Post

post written by:

0 comments: