Detailed introduction to logs in Linux system

1. Log related services

In CentOS 6.x , the log service has been replaced by rsyslogd instead of the original syslogd service. RedHat believes that syslogd can no longer meet the needs of work, and rsyslogd service supports more functions.

rsyslogd service has some new features compared to syslogd service:

Log information is transmitted based on the TCP network protocol.

A more secure network transmission method.

There is a real-time analysis framework for log messages.

Backend database. Simple logical judgments can be written in the configuration file.

Compatible with syslog configuration files.

2. Common log files in the system

In Linux systems, system logs are generally saved in the /var/log/ directory.

As shown below:

[root@localhost ~]# ls /var/log/
anaconda.ifcfg.log btmp maillog secure
anaconda.log ConsoleKit maillog-20200705 secure-20200705
anaconda.program.log cron mcelog spooler
anaconda.storage.log cron-20200705 messages spooler-20200705
anaconda.syslog cups messages-20200705 sssd
anaconda.xlog dmesg ntpstats tallylog
anaconda.yum.log dmesg.old prelink wtmp
audit dracut.log sa yum.log
boot.log lastlog samba

Let's take a closer look at the main log files above:

Note: Examples of log files that cannot be viewed with the vim editor.

# Someone used the root user to log in to local terminal 1 at 22:38 on June 4th. [root@localhost log]# lastb
root tty1 Tue Jun 4 22:38 - 22:38 (00:00)

Why can't some log files be viewed using the vim editor?

This is because the contents of these log files record the logs of important system resources and are related to system security. You cannot modify them. To ensure the accuracy of the data, you can only view them through relevant commands.

In addition to the system default logs, system services installed using RPM will also record logs in the /var/log/ directory by default.

For example:

The service logs installed with the source package are in the directory specified by the source package.

However, these logs are not recorded and managed by the rsyslogd service. Instead, each service uses its own log management document to record its own logs.

This is the end of this article about the detailed introduction of logs in Linux system. For more relevant Linux log content, please search 123WORDPRESS.COM's previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!