Logs in Linux
Introduction
Logs are very helpful while troubleshooting as it contains the relevant information whenever disaster appear on server or any service is not working properly. So these logs saves time in troubleshooting.
List logs
By default most Linux logs can be found in the directory /var/log/.
# ls -l /var/log total 5756 drwxr-xr-x. 2 root root 4096 Feb 25 13:14 anaconda drwxr-x---. 2 root root 94 Apr 20 20:16 audit -rw-r--r--. 1 root root 0 Feb 25 13:13 boot.log -rw-------. 1 root utmp 1808256 Apr 22 07:34 btmp -rw-r--r--. 1 root root 1134 Apr 10 03:08 choose_repo.log drwxr-xr-x. 2 chrony chrony 6 Feb 5 2014 chrony -rw-r--r--. 1 root root 2534 Apr 10 03:08 cloud-init.log -rw-r--r--. 1 root root 27149 Apr 22 07:01 cron -rw-r--r--. 1 root root 24134 Apr 12 03:22 cron-20150412 -rw-r--r--. 1 root root 99515 Apr 20 03:43 cron-20150420 -rw-r--r--. 1 root root 32598 Apr 10 03:08 dmesg -rw-------. 1 root root 2003 Apr 21 07:27 grubby drwx------. 2 root root 4096 Apr 20 03:43 httpd -rw-r--r--. 1 root root 292292 Apr 22 00:57 lastlog -rw-------. 1 root root 0 Apr 20 03:43 maillog -rw-------. 1 root root 198 Apr 10 03:08 maillog-20150412 -rw-------. 1 root root 1093 Apr 16 06:59 maillog-20150420 -rw-------. 1 root root 259933 Apr 22 07:32 messages -rw-------. 1 root root 303675 Apr 12 03:22 messages-20150412 -rw-------. 1 root root 932940 Apr 20 03:43 messages-20150420 -rw-r-----. 1 mysql mysql 31400 Apr 22 01:30 mysqld.log drwx------. 2 root root 6 Jan 26 2014 ppp drwxr-xr-x. 2 root root 69 Apr 20 03:43 rhsm -rw-------. 1 root root 313890 Apr 22 07:34 secure -rw-------. 1 root root 584361 Apr 12 03:05 secure-20150412 -rw-------. 1 root root 1343433 Apr 20 03:35 secure-20150420 -rw-------. 1 root root 0 Apr 20 03:43 spooler -rw-------. 1 root root 0 Feb 25 13:05 spooler-20150412 -rw-------. 1 root root 0 Apr 12 03:22 spooler-20150420 -rw-------. 1 root root 0 Feb 25 13:02 tallylog drwxr-xr-x. 2 root root 22 Apr 10 03:08 tuned -rw-rw-r--. 1 root utmp 9600 Apr 22 00:57 wtmp -rw-------. 1 root root 6126 Apr 21 07:28 yum.log
Following are some important logs files in linux.
/var/log/audit/
/var/log/auth.log
/var/log/boot.log
/var/log/cron
/var/log/daemon.log
/var/log/dpkg.log
/var/log/messages
/var/log/dmesg
/var/log/kern.log
/var/log/lastlog
/var/log/maillog
/var/log/mail.log
/var/log/wtmp
/var/log/utmp
/var/log/faillog
/var/log/httpd/
/var/log/apache2
/var/log/user.log
/var/log/Xorg.x.log
/var/log/alternatives.log
/var/log/btmp
/var/log/cups
/var/log/anaconda.log
/var/log/yum.log
/var/log/lighttpd/
/var/log/conman/
/var/log/mail/
/var/log/prelink/
/var/log/sa/
/var/log/secure
/var/log/sssd
/var/log/samba/
/var/log/vsftpd/
Logwatch
To watch the run time logs execute the logwatch command:
# logwatch /path/of/log/file
Real Time Logs
To get all newly added lines from a log file in real time on the shell, use the command:
# tail -f /var/log/mail.log
# tail -f /var/log/vsftpd.log
I am actually thankful to the holder of this web page who has shared this impressive paragraph at at this time.