Linux Logs

📁 Log Storage Location

  • Directory: Linux stores logs under /var/log. The /var name stands for "variable": it holds files that change while the system runs, and logs, which are appended to continuously, belong there. On systemd distributions the journal also lives here, as binary files under /var/log/journal/ (or only in memory under /run/log/journal/ when persistent storage is not enabled), and journalctl is the tool that reads it. 📂

🔍 Common Log Files

  • /var/log/auth.log: Records authentication and authorization events: logins, SSH attempts, sudo use and PAM messages (Debian and Ubuntu naming; Red Hat derivatives write the same facility to /var/log/secure). It is the first file to check when investigating brute-force attempts or privilege escalation. 🔒

  • /var/log/kern.log: Contains kernel messages. 🛠️

  • /var/log/dmesg: Where present, a copy of the kernel ring buffer as it stood after boot, the same messages the dmesg command prints. Its timestamps are seconds since boot, not wall-clock time, and it is the place to look for hardware and driver problems during startup. 🚀

  • /var/log/syslog: The catch-all log on Debian and Ubuntu (Red Hat derivatives use /var/log/messages). It receives almost every system event except authentication messages, which the default rsyslog rules route only to auth.log. This file is typically the first place to check for detailed system information. 📜

🗂️ Log Management

  • Log Rotation: To keep logs from filling the disk, Linux rotates them with the logrotate utility, run once a day from cron or a systemd timer. Rotation renames the current file (syslog becomes syslog.1), optionally compresses older copies, and deletes the oldest beyond the configured count. The deletion side matters for security: if rotation keeps only a few days, the evidence you need for an incident may already be gone by the time you look. 🔄

  • Customizing Log Rotation: The defaults live in /etc/logrotate.conf, with per-service stanzas in /etc/logrotate.d/. Raise the rotate count, and consider date-stamped, compressed archives, when you need logs kept long enough for troubleshooting or an investigation. 🗓️
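A logrotate stanza showing a short-retention setting beside a corrected one, as an added example that is not part of the original page or of any distribution's shipped configuration. The file paths, the syslog:adm ownership and the /usr/lib/rsyslog/rsyslog-rotate helper are the Debian and Ubuntu defaults; the retention and permission choices are this example's own. The two stanzas are alternatives: logrotate rejects two entries for the same file, so only one of them belongs in a real /etc/logrotate.d/rsyslog.

```conf
# Weak: weekly rotation keeping four files gives roughly one month of history,
# and recreating the file as 0644 lets every local user read it.
/var/log/syslog
{
    weekly
    rotate 4
    create 0644 root root
}

# Corrected (alternative to the stanza above, not in addition to it):
# rotate daily, keep 90 days, name archives by date, and compress all but the
# newest archive so a daemon still holding the file open finishes cleanly.
/var/log/syslog
/var/log/auth.log
/var/log/kern.log
{
    daily
    rotate 90
    dateext
    compress
    delaycompress
    missingok
    notifempty
    create 0640 syslog adm
    sharedscripts
    postrotate
        /usr/lib/rsyslog/rsyslog-rotate
    endscript
}
```

Check a stanza with `logrotate -d /etc/logrotate.d/rsyslog` before relying on it: the -d flag prints what would happen without rotating anything. Longer local retention still does not protect logs from an attacker with root on the same host, which is the case for centralized logging.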

🌐 Centralized Logging

  • Purpose: When you manage many systems, centralized logging forwards each machine's logs, usually with rsyslog or journald's remote tooling, to a collector where they can be searched in one place. It also preserves a copy that an attacker who gains root on the source host cannot quietly edit or delete, which is why forwarding should happen as events are generated rather than in nightly batches. 🌍
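Client and collector rsyslog fragments for the forwarding described above, as an added example that is not part of the original page. The collector name loghost.example.com, the file names under /etc/rsyslog.d/ and the /var/log/remote/ layout are placeholders chosen for this example; the directives themselves are standard rsyslog (RainerScript) syntax.

```conf
# ---- client side, e.g. /etc/rsyslog.d/10-forward.conf ----

# Weak: legacy UDP forwarding (single @). Messages are dropped silently
# whenever the collector or the network is unavailable, and nothing is buffered.
#*.* @loghost.example.com:514

# Corrected: TCP with a disk-assisted queue so events survive an outage, and
# unlimited retries so rsyslog never gives up on the collector.
*.* action(type="omfwd"
           target="loghost.example.com" port="514" protocol="tcp"
           queue.type="LinkedList"
           queue.filename="fwd_loghost"
           queue.saveOnShutdown="on"
           action.resumeRetryCount="-1")

# ---- collector side, e.g. /etc/rsyslog.d/10-collect.conf ----

# Accept TCP on 514 and give each sending host its own directory, one file
# per program, so a compromised sender cannot mix its lines into another's.
module(load="imtcp")
input(type="imtcp" port="514")
template(name="PerHost" type="string"
         string="/var/log/remote/%HOSTNAME%/%PROGRAMNAME%.log")
if $fromhost-ip != "127.0.0.1" then {
    action(type="omfile" dynaFile="PerHost")
    stop
}
```

Validate either file with `rsyslogd -N1` before restarting the service. Plain TCP is still cleartext on the wire and trusts whatever host name the sender claims; rsyslog can wrap the same transport in TLS with client certificates, which is the configuration to use across any network you do not fully control.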

📊 Understanding Log Entries

  • Timestamps: Log timestamps come in several forms. Classic syslog lines carry a human-readable "Mon DD HH:MM:SS" stamp with no year and no timezone, dmesg prefixes are seconds since boot, and some formats (journald exports, many application logs) use Unix or epoch time: the number of seconds since 00:00:00 UTC on 1 January 1970. An epoch value looks like a long string of digits, but it is the standard machine representation on Unix systems, sorts correctly, and is easy to convert in either direction. 🕰️

🔍 Reading Logs

  • Example: Real log lines pack several fields into one line (timestamp, host, program name and PID, then a free-form message), and every daemon formats its message text differently, so the same event can look quite different from file to file. The next lesson covers troubleshooting with logs, including parsing and interpreting entries. 📚
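The timestamp and parsing points above, as an added example that is not part of the original page: a POSIX shell script over a handful of constructed auth.log-style lines (made up for this example, not captured from a real host) that converts a Unix epoch value to a readable UTC stamp, converts a classic syslog stamp back to epoch once the missing year is supplied, and counts failed SSH password attempts per source address. It assumes GNU or busybox date (for the -d option) and awk on the path; the host name web1 and the addresses are documentation values.

```shell
#!/bin/sh
# Added example, not from the original page: parse constructed auth.log-style
# lines, convert timestamps both ways, and count failed SSH logins per source.
# Needs GNU/busybox date ('date -d') and awk.

# Constructed sample (not from a real host). Classic syslog format:
# "Mon DD HH:MM:SS host program[pid]: message", no year and no timezone.
SAMPLE_AUTH_LOG='Nov 14 22:13:20 web1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51422 ssh2
Nov 14 22:13:22 web1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51422 ssh2
Nov 14 22:13:25 web1 sshd[2203]: Failed password for root from 203.0.113.7 port 51430 ssh2
Nov 14 22:13:40 web1 sshd[2205]: Failed password for root from 192.0.2.9 port 53311 ssh2
Nov 14 22:14:01 web1 sshd[2210]: Accepted publickey for alice from 198.51.100.5 port 40122 ssh2
Nov 14 22:14:05 web1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/journalctl -u ssh'

# Unix epoch -> ISO 8601 UTC, e.g. 1700000000 -> 2023-11-14T22:13:20Z
epoch_to_utc() {
    date -u -d "@$1" '+%Y-%m-%dT%H:%M:%SZ'
}

# Syslog stamp -> epoch. The stamp carries no year, so the caller supplies it
# (take it from the file's rotation date; beware lines written before a
# New Year). Interpreted as UTC here; use the host's TZ if it logs local time.
# Single-digit days ("Nov  5") collapse correctly because $1 is word-split.
syslog_ts_to_epoch() {
    _year=$2
    set -- $1                       # "Nov 14 22:13:20" -> month, day, time
    case $1 in
        Jan) _m=01;; Feb) _m=02;; Mar) _m=03;; Apr) _m=04;;
        May) _m=05;; Jun) _m=06;; Jul) _m=07;; Aug) _m=08;;
        Sep) _m=09;; Oct) _m=10;; Nov) _m=11;; Dec) _m=12;;
        *) return 1;;
    esac
    date -u -d "$(printf '%s-%s-%02d %s' "$_year" "$_m" "$2" "$3")" '+%s'
}

# One "<count> <ip>" line per source address with failed password attempts,
# most active first. Only sshd "Failed password" records are counted.
failed_logins_by_ip() {
    printf '%s\n' "$SAMPLE_AUTH_LOG" \
      | awk '/ sshd\[[0-9]+\]: Failed password for / {
                 for (i = 1; i <= NF; i++) if ($i == "from") print $(i + 1)
             }' \
      | sort | uniq -c | sort -rn \
      | awk '{ print $1, $2 }'
}

# Addresses at or above a failure threshold: a minimal brute-force detector.
flag_bruteforce_sources() {
    failed_logins_by_ip | awk -v t="$1" '$1 >= t { print $2 }'
}

# Successful logins as "<user> <ip> <method>", to cross-check whether a
# flagged address ever got in.
accepted_logins() {
    printf '%s\n' "$SAMPLE_AUTH_LOG" \
      | awk '/ sshd\[[0-9]+\]: Accepted / { print $9, $11, $7 }'
}

# Demonstration when run directly.
echo "epoch 1700000000 is $(epoch_to_utc 1700000000)"
echo "first sample line is epoch $(syslog_ts_to_epoch 'Nov 14 22:13:20' 2023)"
echo "failed logins by source:"; failed_logins_by_ip
echo "brute-force candidates (3 or more failures): $(flag_bruteforce_sources 3)"
echo "accepted logins: $(accepted_logins)"
```

Run it with sh. On macOS the BSD date has no -d option (use `date -u -r N` for the epoch direction); everywhere else the script runs unchanged. The threshold and the count-by-source logic are the same query you would later run against the whole file with `grep` and `awk`, or against the journal with `journalctl -u ssh`.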
