A. Log Files
1. The functions and classification of the log file
2. Log file save location and file description
The log files of the Linux operating system itself and of most server programs are placed under the default directory /var/log/.
Some programs share a log file and some use a log file of their own. Some large server programs have more than one log file
and create a subdirectory under /var/log/ to store them, which both keeps the structure of the log directory clear and makes
it quick to locate a log file. A considerable portion of the log files can be read only by the root user, which protects the
security-related log information.
3. The kernel and system log
As the configuration file /etc/rsyslog.conf shows, the log files managed by the rsyslogd service are the main Linux operating system log files. They record basic system messages from the Linux kernel, user authentication, e-mail, scheduled tasks, and so on. In the Linux kernel, log messages are divided into different priority levels according to their importance (by level number: the higher the priority, the more important the message).
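The priority levels decide which file a message is written to through the selectors in /etc/rsyslog.conf. The following is an added example, not part of the original page and not rsyslog's own code: it implements a subset of selector matching in Python. The sample rules, the kern-debug.log path and the function names are constructed for illustration.

```python
# Added example: a subset of rsyslog.conf selector matching (not rsyslog's code).
# Severity names and numbers follow syslog(3): 0 is the most severe.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def selector_matches(selector, facility, severity):
    """Return True if a message with this facility and severity name is selected.

    Supported subset: 'fac.pri' (pri and anything more severe), 'fac.=pri'
    (exactly pri), 'fac.*', 'fac.none', '*' as facility, comma-separated
    facilities, and ';'-joined selectors evaluated left to right.
    """
    level = SEVERITIES.index(severity)
    selected = False
    for part in selector.split(";"):
        facilities, _, priority = part.strip().partition(".")
        names = facilities.split(",")
        if "*" not in names and facility not in names:
            continue  # this part says nothing about the message's facility
        if priority == "none":
            selected = False  # explicit exclusion overrides earlier parts
        elif priority == "*":
            selected = True
        elif priority.startswith("="):
            selected = selected or level == SEVERITIES.index(priority[1:])
        else:
            # Plain priority: that level and every more severe (lower-numbered) one.
            selected = selected or level <= SEVERITIES.index(priority)
    return selected


# Constructed sample rules in rsyslog.conf style: (selector, destination file).
SAMPLE_RULES = [
    ("*.info;mail.none;authpriv.none;cron.none", "/var/log/messages"),
    ("authpriv.*", "/var/log/secure"),
    ("mail.*", "/var/log/maillog"),
    ("cron.*", "/var/log/cron"),
    ("kern.=debug", "/var/log/kern-debug.log"),
]


def destinations(facility, severity, rules=SAMPLE_RULES):
    """List the files a message would be written to under the given rules."""
    return [path for sel, path in rules if selector_matches(sel, facility, severity)]


if __name__ == "__main__":
    for fac, sev in [("authpriv", "info"), ("daemon", "debug"), ("kern", "err")]:
        print(fac, sev, "->", destinations(fac, sev))
```

Under these sample rules, authentication messages reach only the file for authpriv, so a reviewer looking for login events has to read that file rather than the general messages file.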
4. The level of log message (Key)
5. The general format of the log records
6. User Log Analysis
1. users: view the users who are logged in
2. who, w: view the users who are currently logged in (online)
3. last, lastb: view successful user logins and failed user logins
7. Program Log Analysis
In the Linux operating system, a considerable number of applications do not use the rsyslog service to manage their logs;
the logs are instead maintained by the program itself. For example, the httpd web service uses two log files, access_log and error_log, to record client access and error events.