...
```
dmesg -T
[Wed May 29 14:46:00 2024] Run /init as init process
[Wed May 29 14:46:00 2024] with arguments:
[Wed May 29 14:46:00 2024] /init
[Wed May 29 14:46:00 2024] with environment:
[Wed May 29 14:46:00 2024] HOME=/
[Wed May 29 14:46:00 2024] TERM=linux
[Wed May 29 14:46:00 2024] BOOT_IMAGE=/boot/vmlinuz-5.15.0-97-generic
[Wed May 29 14:46:00 2024] biosdevname=0
[Wed May 29 14:46:00 2024] netcfg/do_not_use_netplan=true
[Wed May 29 14:46:00 2024] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
```
2. Service Logs:
/var/log/daemon.log - Tracks services that run in the background and perform important tasks, but have no graphical output.
...
```
journalctl -u apache2
-- Logs begin at Tue 2024-06-18 10:55:23 UTC, end at Tue 2024-06-18 12:05:19 UTC. --
Jun 18 11:56:19 hostname systemd[1]: Starting The Apache HTTP Server...
Jun 18 11:56:19 hostname apache2[1342]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Jun 18 11:56:19 hostname systemd[1]: Started The Apache HTTP Server.
```
3. Authentication Logs:
/var/log/auth.log or /var/log/secure - Stores authentication logs, including both successful and failed logins and authentication methods. Debian/Ubuntu systems store this information in /var/log/auth.log, while Red Hat/CentOS systems store it in /var/log/secure.
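A triage pass over the sshd entries that end up in /var/log/auth.log or /var/log/secure, as an added example that is not part of the original page: it counts failed and accepted logins per source address, records the authentication methods seen, and flags a successful login that follows repeated failures. The log lines are constructed samples, and `summarize`, `EVENT` and the threshold of 3 are illustrative choices, not taken from the page.

```python
import re
from collections import defaultdict

# Constructed sample lines in the sshd format found in /var/log/auth.log
# (Debian/Ubuntu) or /var/log/secure (Red Hat/CentOS); documentation-range IPs.
SAMPLE = """\
Jun 18 11:01:02 hostname sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Jun 18 11:01:05 hostname sshd[2101]: Failed password for root from 203.0.113.5 port 40112 ssh2
Jun 18 11:01:09 hostname sshd[2104]: Failed password for root from 203.0.113.5 port 40120 ssh2
Jun 18 11:01:15 hostname sshd[2107]: Accepted password for root from 203.0.113.5 port 40131 ssh2
Jun 18 11:05:40 hostname sshd[2150]: Accepted publickey for alice from 198.51.100.7 port 51234 ssh2: ED25519 SHA256:CONSTRUCTED
Jun 18 11:06:00 hostname sudo: pam_unix(sudo:session): session opened for user root by alice(uid=0)
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def summarize(lines, threshold=3):
    """Return (per-source stats, alerts) for sshd login events.

    An alert is raised when a source logs in successfully after at least
    `threshold` failures: the pattern of password guessing that worked.
    """
    stats = defaultdict(lambda: {"failed": 0, "accepted": 0, "methods": set()})
    alerts = []
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue  # not an sshd login result (e.g. sudo/PAM lines)
        s = stats[m["src"]]
        s["methods"].add(m["method"])
        if m["result"] == "Failed":
            s["failed"] += 1
        else:
            s["accepted"] += 1
            if s["failed"] >= threshold:
                alerts.append((m["src"], m["user"], s["failed"]))
    return dict(stats), alerts

if __name__ == "__main__":
    stats, alerts = summarize(SAMPLE.splitlines())
    for src, s in stats.items():
        print(src, s["failed"], "failed,", s["accepted"], "accepted", sorted(s["methods"]))
    for src, user, n in alerts:
        print(f"ALERT: {user} accepted from {src} after {n} failures")
```

On a live host the same function can be fed the lines of the real log file instead of `SAMPLE`; reading it normally requires root or membership in the log-reading group.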
4. Application Logs (examples):
/var/log/apache2/ - Apache HTTP server logs (access, error).
/var/log/mysql/ - MySQL database server logs.
5. Package Management Logs:
/var/log/apt/ - Directory containing several log files that provide important information about apt-related activities on Debian-based systems.
/var/log/yum.log - On Red Hat-based systems, stores the yum and dnf package manager logs. The file provides information about the results of a specific command, such as any errors or warnings that were generated. For example, if a package update fails
6. Event Logs:
/var/log/wtmp - Records of user logins and logouts.
...