CT320

CT320: Network and System Administration

Fall 2018

Logging

See this page as a slide show

CT 320: Network and System Administration

Chapter 11: Logging

Original slides from Dr. James Walden at Northern Kentucky University.

Overview

Finding logfiles

Finding logfiles (cont’d)

FileProgramFreqContents
acpidacpid-power related events
boot.logrc scriptsmonthlysystem startup scripts
croncronweeklycron execution and errors
cupsCUPSweeklyprinting related messages
dmesgkernel-kernel message buffer
faillogloginweeklyunsuccessful login attempts
/etc/httpdhttpddailyApache HTTP server logs
lastloglogin-last login time per user
mailmailersweeklymail facility messages

Finding logfiles (cont’d)

FileProgramFreqContents
messagesvariousweeklymain system log
samba/*smbdweeklySamba file sharing
securesshdmonthlyprivate authorization messages
sulogsu-successes and failures
syslogvariousweeklymain system logfile
warnvariousweeklywarning and error messages

syslog: system event logger

syslog: facility names

FacilityPrograms that use it
authauthorization commands
croncron
daemonsystem daemons
ftpftpd
kernkernel
lprline printer spooling
mailsendmail
syslogsyslogd
useruser processes

syslog: severity levels

LevelMeaning
emergpanic situations
alerturgent situations
critcritical conditions
errother error conditions
warningwarning messages
noticemight merit investigation
infoinformation messages
debugfor debugging only

syslog: action field

ActionMeaning
filenameappend message to local file
@hostnameforward to syslogd on hostname
@ipaddressforward to syslogd at ipaddress
|fifonamewrite to named pipe
user₁,user₂,…write to screens of listed users
*write to screens of all users

syslog: config examples

    # emergencies: tell everyone who is logged in
    *.emerg *
    # warnings: store them in message log
    *.warning /var/log/messages
    # kernel: store them in local log
    kern.info /var/log/kern.log
    # send to network logger
    auth.info @netloghost

logrotate

Logging Policies

Modified: 2017-09-28T13:00

User: Guest

Check: HTML CSS
Edit History Source
Apply to CSU | Contact CSU | Disclaimer | Equal Opportunity
Colorado State University, Fort Collins, CO 80523 USA
© 2015 Colorado State University
CS Building