Linux log description

Common Linux system log files:

Path 1: /var/log/messages: records Linux kernel messages and common log information from various applications
Path 2: /var/log/cron: records event information generated by crond scheduled tasks
Path 3: /var/log/dmesg: records the various events of the Linux operating system during the boot process
Path 4: /var/log/maillog: records e-mail activity entering or leaving the system
Path 5: /var/log/lastlog: records the most recent login event of each user
Path 6: /var/log/secure: records security event information related to user authentication
Path 7: /var/log/wtmp: records each user login and logout, and system startup and shutdown events
Path 8: /var/log/btmp: records failed and incorrect login attempts and verification events

Linux user log related commands:

1. users
The users command simply outputs the names of the currently logged-in users. Each displayed user name corresponds to one login session, so a user with more than one login session is listed that many times.

2. who
The who command reports information about each user currently logged in to the system. With this command, the system administrator can check which unauthorized users exist in the current system in order to audit and deal with them. The default output of who includes username, terminal type, login date, and remote host.

3. w
The w command displays information about each user in the current system and the processes they are running. Its output is richer than that of the users and who commands.

4. last
The last command queries the records of users who have successfully logged in to the system, with the latest login shown at the top. It can be used to keep track of the login status of the Linux host. If an unauthorized user is found to have logged in, the host may have been compromised.

5. lastb
The lastb command queries the records of failed logins, such as a wrong login user name or an incorrect password. A login failure is a security incident because it means that someone may be trying to guess your password.

Execution:

When the last command is executed, it reads the /var/log/wtmp log file by default. This is a binary file that cannot be edited directly with vi; it can only be read through the last command.
The lastlog command reads the /var/log/lastlog log file by default. This file is also a binary file and cannot be edited directly with vi; it needs to be read with the lastlog command.
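To show why these files cannot be read as text, the following added example (not from the original post) decodes wtmp/btmp-style records and counts failed logins per source host, as a reviewer would from lastb output. It assumes the 384-byte glibc `struct utmp` layout on x86-64 Linux; the helper names, the sample records and their addresses are constructed for illustration.

```python
import struct
from collections import Counter

# Assumption: glibc "struct utmp" layout on x86-64 Linux (384 bytes per record).
UTMP = struct.Struct("<h2xi32s4s32s256shhiii4i20s")
LOGIN_PROCESS = 6  # ut_type value from <utmp.h>

def _text(raw):
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")

def parse_utmp(data):
    """Yield one dict per complete record; a truncated tail is skipped."""
    for off in range(0, len(data) - UTMP.size + 1, UTMP.size):
        f = UTMP.unpack_from(data, off)
        yield {"type": f[0], "pid": f[1], "line": _text(f[2]),
               "user": _text(f[4]), "host": _text(f[5]), "time": f[9]}

def failed_by_host(btmp_bytes, threshold=3):
    """Return {host: count} for hosts with at least `threshold` records."""
    hits = Counter(r["host"] for r in parse_utmp(btmp_bytes))
    return {h: n for h, n in hits.items() if n >= threshold}

def make_record(user, host, ts, line="ssh:notty", pid=1000):
    """Pack one constructed record (test data only)."""
    return UTMP.pack(LOGIN_PROCESS, pid, line.encode(), b"", user.encode(),
                     host.encode(), 0, 0, 0, ts, 0, 0, 0, 0, 0, b"")

# Constructed sample: four failed attempts plus 10 stray bytes at the end.
SAMPLE = b"".join([
    make_record("root", "203.0.113.5", 1598900000),
    make_record("admin", "203.0.113.5", 1598900003),
    make_record("root", "203.0.113.5", 1598900007),
    make_record("alice", "198.51.100.7", 1598900100),
]) + b"\0" * 10

if __name__ == "__main__":
    # On a real host: data = open("/var/log/btmp", "rb").read()  (needs root)
    for rec in parse_utmp(SAMPLE):
        print(rec["time"], rec["user"], rec["line"], rec["host"])
    print("repeated failures:", failed_by_host(SAMPLE))
```
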


 


Origin blog.csdn.net/Doudou_Mylove/article/details/108336418