Saturday, November 15, 2008

Location and usage of Log files in Ubuntu Linux

In Linux the log files could be the only source of information available to trace a problem or security issues. Almost all of the logfiles are located under /var/log directory.

Common Linux log files name and its use

  • /var/log/message: General message and system related messages
  • /var/log/kern.log: Kernel logs
  • /var/log/cron.log: Crond logs
  • /var/log/auth.log: Authenication logs
  • /var/log/maillog: Mail server logs
  • /var/log/httpd/: Apache access and error logs directory
  • /var/log/apache2/*: Apache2 access and error logs directory
  • /var/log/boot.log : System boot log
  • /var/log/mysqld.log: MySQL database server log file
  • /var/log/secure: Authentication log
  • /var/log/utmp or /var/log/wtmp : Login records file
  • /var/log/dpkg.log : All binary package log includes package installation and other information
  • /var/log/faillog : User failed login log file
  • /var/log/lpr.log : Printer log file
  • /var/log/user.log : All userlevel logs
  • /var/log/xorg.0.log : log file
  • /var/log/daemon.log : Running services such as squid, dhcpd and others log message to this file
  • /var/log/fsck/* : fsck command log

No comments: