Linux Syslogs






Processes and the OS kernel need to record a log of the events that happen. These logs can be useful for auditing the system and troubleshooting problems. Red Hat log files are stored in the /var/log directory. In Red Hat 7, syslog messages are handled by two services: systemd-journald and rsyslog.

rsyslog:-

  • It sorts the syslog messages by type and priority, then stores them in the /var/log directory.
  • rsyslog writes the oldest message at the top and the newest message at the end of the log file.
  • Example of a log entry in /var/log/secure:


    • Timestamp when the log entry was recorded.
    • Hostname from which the log message was sent.
    • Process that sent the log message.
    • The actual message sent.
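
The four fields listed above can be split out of each line and used for auditing. The following is an added example, not part of the original post: it assumes the traditional rsyslog file layout (timestamp, hostname, process with optional PID, message), runs on constructed sample lines, and uses hypothetical function names to count failed SSH password attempts per source address.

```python
import re
from collections import Counter

# Constructed sample lines in the traditional rsyslog file format (not real logs).
SAMPLE_SECURE_LOG = """\
Feb 11 20:11:48 host1 sshd[1433]: Failed password for student from 192.0.2.10 port 59344 ssh2
Feb 11 20:11:52 host1 sshd[1433]: Failed password for student from 192.0.2.10 port 59344 ssh2
Feb 11 20:12:03 host1 sshd[1440]: Accepted password for admin from 198.51.100.7 port 40122 ssh2
Feb 11 20:12:10 host1 sudo:    admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/bin/ls
Feb 11 20:13:30 host1 sshd[1451]: Failed password for invalid user test from 192.0.2.99 port 51000 ssh2
this line is truncated
"""

# One entry = timestamp, hostname, process (optional [pid]), then the message.
LINE_RE = re.compile(
    r"^(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<hostname>\S+) "
    r"(?P<process>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<message>.*)$"
)
# sshd message for a rejected password, for known and unknown users alike.
FAILED_RE = re.compile(
    r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not parse."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None

def failed_logins_by_source(text):
    """Count failed sshd password attempts per source address."""
    counts = Counter()
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None or entry["process"] != "sshd":
            continue  # skip malformed lines and other processes (sudo, etc.)
        m = FAILED_RE.match(entry["message"])
        if m:
            counts[m.group("src")] += 1
    return counts

if __name__ == "__main__":
    for src, n in failed_logins_by_source(SAMPLE_SECURE_LOG).most_common():
        print(f"{src}\t{n}")
```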

Syslog Priority: 



systemd-journald:-
It collects messages from the kernel, the early stages of the boot process, the standard output and error of daemons as they start up and run, and syslog. Syslog messages are forwarded by systemd-journald to rsyslog.

To monitor a log file, use the command below.

Syntax:
tail -f /path/to/file
It displays the last 10 lines of the log and keeps printing new lines as they are written.

We can also give a number instead of -f. In the example I have used 5, so it displays the last 5 entries of the log.

Example:
tail -f /var/log/messages
tail -f /var/log/cron
tail -f /var/log/boot.log
