There are a number of log files located under the/var/log/directory, and here is a record of the related uses. Some of these are only available in a specific version, such as Dpkg.log can only be seen in Debian based systems.
/var/log/messages-includes overall system information, which also contains logs during system startup. In addition, content such as Mail,cron,daemon,kern and Auth is also recorded in the Var/log/messages log.
/var/log/dmesg-contains kernel buffering information (kernel ring buffer). When the system starts, a lot of hardware-related information is displayed on the screen. You can view them with DMESG.
/var/log/auth.log-contains system licensing information, including the user login and use of the Authority mechanism.
/var/log/boot.log-contains logs when the system starts.
/var/log/daemon.log-contains a variety of system daemon log information.
/var/log/dpkg.log– includes a log of the install or DPKG command to clear the package.
/var/log/kern.log– contains logs generated by the kernel to help resolve problems while customizing the kernel.
/var/log/lastlog-records the most recent information for all users. This is not an ASCII file, so you need to view the content with the Lastlog command.
/var/log/maillog/var/log/mail.log-contains the log information for the system to run the e-mail server. For example, the SendMail log information is all sent to this file.
/var/log/user.log-logs that record all levels of user information.
/var/log/xorg.x.log-log information from X.
/var/log/alternatives.log– Update alternate information is recorded in this file.
/var/log/btmp– logs all failed logon information. Use the last command to view the Btmp file. For example, "Last-f/var/log/btmp | More ".
/var/log/cups-logs that involve all printed information.
/var/log/anaconda.log-when Linux is installed, all installation information is stored in this file.
/var/log/yum.log-contains package information that is installed using Yum.
/var/log/cron-when a cron process starts a job, it records the relevant information in this file.
/var/log/secure-contains authentication and authorization information. For example, SSHD will have all the information records (including failed logins) here.
/var/log/wtmp or/var/log/utmp-contains login information. Use Wtmp to find out who is logging into the system, who uses commands to display this file or information.
/var/log/faillog– contains user logon failure information. In addition, the error login command is also recorded in this file.
In addition to the log file above,/var/log also includes the following subdirectories based on the specific application of the system:
/var/log/httpd/or/var/log/apache2-contains server Access_log and error_log information.
/var/log/lighttpd/-contains Access_log and error_log of light httpd.
/var/log/mail/– This subdirectory contains additional logs for the mail server.
/var/log/prelink/-contains information that the. So file is PreLink modified.
/var/log/audit/-contains information stored by the Linux audit daemon.
/var/log/samba/– contains information stored by Samba.
/var/log/sa/-contains the SAR files that are collected daily by the Sysstat package.
/var/log/sssd/– is used for daemon security services.
In addition to manually archiving and purging these log files, you can use Logrotate to automatically delete files when they reach a certain size. You can try to view these log files with commands such as Vi,vim,tail,grep and less.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
