Logs

From DikapediaV2
Jump to: navigation, search

https://www.eurovps.com/blog/important-linux-log-files-you-must-be-monitoring/


Ubuntu Logs


https://ubuntu.com/tutorials/viewing-and-monitoring-log-files#2-log-files-locations

System logs

System logs deal with exactly that - the Ubuntu system - as opposed to extra applications added by the user. These logs may contain information about authorizations, system daemons and system messages. Authorization log

Location: /var/log/auth.log

Keeps track of authorization systems, such as password prompts, the sudo command and remote logins.


Daemon Log

Location: /var/log/daemon.log

Daemons are programs that run in the background, usually without user interaction. For example, display server, SSH sessions, printing services, bluetooth, and more.


Debug log

Location: /var/log/debug

Provides debugging information from the Ubuntu system and applications. Kernel log

Location: /var/log/kern.log

Logs from the Linux kernel.


System log

Location: /var/log/syslog

Contains more information about your system. If you can’t find anything in the other logs, it’s probably here.


Application logs

Some applications also create logs in /var/log. Below are some examples. Apache logs

Location: /var/log/apache2/ (subdirectory)

Apache creates several log files in the /var/log/apache2/ subdirectory. The access.log file records all requests made to the server to access files. error.log records all errors thrown by the server.


X11 server logs

Location: /var/log/Xorg.0.log

The X11 server creates a seperate log file for each of your displays. Display numbers start at zero, so your first display (display 0) will log to Xorg.0.log. The next display (display 1) would log to Xorg.1.log, and so on.


Non-human-readable logs

Not all log files are designed to be read by humans. Some were made to be parsed by applications. Below are some of examples. Login failures log


Location: /var/log/faillog

Contains info about login failures. You can view it with the faillog command. Last logins log

Location: /var/log/lastlog

Contains info about last logins. You can view it with the lastlog command. Login records log

Location: /var/log/wtmp

Contains login info used by other utilities to find out who’s logged in. To view currently logged in users, use the who command.