/var/log/messages is the total Linux system log, the system has a log cutting mechanism, log scrolling, growing to a certain level, will automatically cut the log file, to prevent it unlimited increase
/etc/logrotate.conf//Log Cutting profile
#cat/etc/logrotate.conf//cat Log cutting profile
#see "man logrotate" for details
#rotate log files weekly
Weekly//per Weekly Cut
#keep 4 weeks worth of backlogs
rotate 4//cut into four files
#create new (empty) log files after rotating old ONES
create//Create a new file
#use date as a suffix of the rotated file
Dateext//This is its suffix name
#uncomment this if you want your lo g Files Compressed
#compress//Whether compression is required, compressed to. tar.gz
#RPM Packages drop log rotation information into this directoryINCLUDE/ETC/LOGROTATE.D//contains some files under the/ETC/LOGROTATE.D directory
#no packages own wtmp and btmp--we'll rotate them here
/V ar/log/wtmp {//Cut the file, cut once per month
monthly
Create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {// Cut the file, specify permissions, owner, group
Missingok
Monthly
Create 0600 root utmp
Rotate 1
}
#system-specific logs may be Also be configured.
#cat/etc/logrotate.d/syslog
/var/log/cron//will be cut for the 5 logs of Cron,maillog,messages,secure,spooler
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
Sharedscripts
Postrotate//involves shell command line
/bin/kill-hup cat /var/run/syslogd.pid 2> /dev/null
2>/dev/null | | true
Endscript
}
Linux system features: Write a service not according to the filename to write, but based on the file cluster (can be considered as inode, determine the unique characteristics of the file)
Messages is determined by the SYSLOGD service, so kill-hup can reload the service
Reference article: https://my.oschina.net/u/2000675/blog/908189
DMESG command
#dmesg//Lists hardware-related logs, logs stored in memory, not a file, such as hard disk damage, Nic corruption, will be recorded in this log
#dmesg-c//temporarily empties the current log, and after rebooting the system, it generates
/VAR/LOG/DMESG This log is not associated with the DMESG command,/VAR/LOG/DMESG is the system-initiated log
Last command
#last//View the correct login history, including login user name, login link, source IP address, login point, login time, last command is call/var/log/wtmp This log, this log cannot directly cat
#lastb//Login failed, it calls the/var/log/btmp log, the same log is not directly cat; If the server is being hacked by someone else, it will record a lot of logs.
/var/log/secure is the security log
Linux system logs