Processes and the OS kernel need to record a log of the events that happen. These logs are useful for auditing the system and troubleshooting problems. Red Hat log files are stored in the /var/log directory. In Red Hat 7, syslog messages are handled by two services: systemd-journald and rsyslog.
rsyslog:-
- It sorts the syslog messages by type and priority, then stores them in the /var/log directory.
- rsyslog log files start with the oldest message at the top and end with the newest message at the bottom.
- A log entry in /var/log/secure, for example, has the following parts:
- Timestamp when log entry was recorded.
- Hostname from which the log message was sent.
- Process that sent the log message.
- Actual message sent.
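An added example, not from the original post: a Python parser that splits entries in the traditional rsyslog file format into the four fields listed above and counts failed SSH password attempts per source address, which is a common audit check on /var/log/secure. The sample lines are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Traditional rsyslog file format: "Mmm dd hh:mm:ss host process[pid]: message"
ENTRY = re.compile(
    r"^(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<hostname>\S+) "
    r"(?P<process>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<message>.*)$"
)
FAILED = re.compile(
    r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

# Constructed sample lines in the style of /var/log/secure (not from a real host).
SAMPLE = """\
Feb 11 20:11:48 host1 sshd[1433]: Failed password for student from 192.0.2.10 port 59344 ssh2
Feb 11 20:11:52 host1 sshd[1433]: Failed password for invalid user admin from 192.0.2.10 port 59346 ssh2
Feb 11 20:12:03 host1 sshd[1440]: Accepted password for student from 198.51.100.7 port 40122 ssh2
Feb 11 20:12:09 host1 sudo: student : TTY=pts/0 ; PWD=/home/student ; USER=root ; COMMAND=/bin/ls
this line is truncated or corrupt
"""

def parse_entry(line):
    """Return timestamp, hostname, process, pid and message, or None if no match."""
    m = ENTRY.match(line.rstrip("\n"))
    return m.groupdict() if m else None

def failed_logins(lines):
    """Count failed sshd password attempts per source; also return unparsed lines."""
    counts, unparsed = Counter(), []
    for line in lines:
        entry = parse_entry(line)
        if entry is None:
            unparsed.append(line)  # keep malformed lines visible instead of dropping them
            continue
        if entry["process"] == "sshd":
            hit = FAILED.match(entry["message"])
            if hit:
                counts[hit["src"]] += 1
    return counts, unparsed

if __name__ == "__main__":
    counts, unparsed = failed_logins(SAMPLE.splitlines())
    for src, n in counts.most_common():
        print(f"{src}: {n} failed password attempts")
    print(f"{len(unparsed)} line(s) did not match the expected format")
```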
Syslog Priority:
systemd-journald:-
It collects messages from the kernel, the early stages of the boot process, the standard output and standard error of daemons as they start up and run, and syslog. Syslog messages are forwarded by systemd-journald to rsyslog.
To monitor a log file, use the command below.
Syntax:
tail -f /path/to/file -> It will display the last 10 lines of the log and keep displaying new entries as they are written.
We can also give any number instead of -f. In an example where I have used 5, it displays the last 5 entries of the log.
Example:
tail -f /var/log/messages
tail -f /var/log/cron
tail -f /var/log/boot.log