UNIX programs create logs. Servers that provide network services such as HTTP and FTP also maintain detailed logs. Commonly used log files for www.2cto.com are as follows: access-log record HTTP/web transmission acct/pacct record user command aculog record MODEM activity btmp record failure record lastlog record recent successful login events and last unsuccessful log on to messages to record information from syslog (some links to the syslog file) su
the corresponding commands.
Read # lastlog | more. Use the lastlog command to check the last logon time of a specific user, and
Format and output the last logon log/var/log/lastlog.. Last. Last Command to search back/var/log/wtmp to display since file first
Users who have logged on since the creation.. LastbSearch for/var/log/btmp by the. lastb command to d
From: http://www.itokit.com/2012/0602/74289.html
Log category:
1. Connection time logThe connection time log is usually recorded by the/var/log/wtmp and/var/run/utmp files.
The two files cannot be directly viewed by CAT and are automatically updated by the system. You can use the following method:
W/WHO/finger/ID/last/lastlog/AC
[Root @ xhot ~] # Who
Root tty1
Root pts/0 (218.192.87.4)
Root pts/1 (218.192.87.4)
Root pts/3 2010-10-06
configure the master-slave copy of Bind, sometimes because of the permissions of the error, this can be on an error server with the command tail-f/var/log/messages real-time view of the changes in the server, to find clues to the error; it turns out to be very effective and used for lvs+ Keepalived is also good at troubleshooting, and so on.Third, the use of secure/var/log/secure: Records log in to the system Access data files, such as POP3, SSH, Telnet, FTP, etc. will be recorded, we can use t
[Email protected] ~]# Rpm-qa|grep logSysklogd-1.4.1-46.el5Logwatch-7.3-9.el5_6Logrotate-3.7.4-12Rsyslog-3.22.1-7.el5[[email protected] ~]# RPM-QA|GREP InitInitscripts-8.45.42-1.el5.centos[Email protected] ~]# Rpm-qa|grep PSACCTPsacct-6.3.2-44.el5/var/run/utmp Current,/var/log/wtmp history,/var/log/btmp failed wtmp and utmp files are binaries and they cannot be clipped or merged (using the Cat command) such as tail commands. Users need to use who, W, users, last, and AC to use the information co
generate the file, in the/etc/syslog.conf filePlus: *.warning/var/log/syslong The log file can record the error password, sendmail problem, and su command execution failure when the user logs in.and other information. This log file records the most recent successful logon event and the last unsuccessful logon event that was generated by login. Is queried every time the user logs on, the file is twofiles, you need to use the Lastlog command to view th
1 common system logs/var/log/message Record system Important information log, very important/var/log/cron Recording System Timing task log/var/log/cups Record Print Information log/VAR/LOG/DMESG system boot-up kernel self-test information, you can also use the DMESG command to directly view the kernel self-test information/var/log/btmp error logging log, binary file, using LASTB command to view/var/log/lastlog system All users last login time log, bin
record using the SU commandSyslog logs information from a syslog (usually linked to a messages file)Utmp record each user who is currently logged onWtmp a user's permanent record of each login entry and exit timeXferlog Record FTP sessionUser logged in information, security and verification logsLast, Lastb, LastlogThe utmp file holds information about the users currently in the system.The Wtmp file holds the successful information of the user who has logged in to the system.The btmp file holds
---restore content starts---Log Save locationThe default Var/log directoryPrimary log filesKernel and public message log: MessageScheduled Task log: CronSystem Peach LOG: DemsgMail system log: MaillogUser login log:/var/log/lastlog,/var/log/secure,/var/log/wtmp,/var/run/utmpKernel and System logs:Unified management by System service RSYSLOGD? Package: rsyslog-5.8.10-8.el6.x86_64? Main program:/SBIN/RSYSLOGD? Configuration file:/etc/rsyslog.conf the lo
command has the primary role of reporting the user who is currently logged on, the login device, the Telnet host name, or the X display value of the xwindows used, the session idle time, and whether the session accepts write or talk information. For example: WHO-IWH output results: USER MESG line Login-time IDLE fromDenny-tty1 Feb 08:42 OldThis means that the user, Denny, cannot accept write or talk information, and log on February 18 8:42 from Tty1. The security value of this command provides
Iocharset=utf8,umask=000/dev/hda2/mnt/hda2
FAT32 partition
Mount
Mount-t Ntfs-o Nls=utf8,umask=000/dev/hda3/mnt/hda3
Partition
Mount NTFS
Linux-ntfs project:http://linux-ntfs.sourceforge.net/
Umount/mnt/hda3 Unloading load
Note: Before mounting the equipment, please look fdisk-l first.
17.SU switch to another identity without exiting the login
Usage: SU-L user name (switch to root if user name is default)
Eg:su-l netseek (Switch to netseek This user, will prompt for password), plus-Indicates sw
five backups are retained.
Tabootext [+] list to prevent logrotate from dumping files with the specified extension. The default extension is. rpm-orig,. rpmsave, v, and ~
Size: dump a log file only when it reaches the specified Size. size can specify bytes (default), KB (sizek), or MB (sizem ).
2. logrotate is configured by default.
The default logrotate configuration file/etc/logrotate. conf.
The default installation file content of Red Hat linux is:
# See "man logrotate" for details
# Rotate
method to ensure system security:
A. root B. httpd C. guest * D. nobody
22. Completing the SLIP connection includes:
A. Convert the parallel port into a slip device * B. The Modem connects to the host through dialing
* C. Set the hardware interface. * D. Set the route table.
23. Which of the following statements are true?
The A./var/run/wtmp file records the users currently logged on to the system. We can use the who command to view this file.
* The B./var/log/
group permissions to the user during service
Pam_issue is displayed before prompting the user to enter the user name/etc/issue/Etc/issue file content
Pam_krb4 perform Kerberos authentication on the user password corresponding to the Kerberos Library File
Pam_lastlog displays/var/log/lastlog after the user logs on successfully.Information about the user's last logon and Maintenance/Var/log/lastlog file.
Pam
extension. The default extension is. rpm-orig,. rpmsave, V, and ~ Size size: dump a log file only when it reaches the specified size. Size can specify bytes (default), KB (sizek), or MB (sizem ). 2. logrotate is configured by default.What is the default configuration of logrotate? /Etc/logrotate. conf.The default installation file content of Red Hat Linux is:# See "Man logrotate" For details# Rotate log files weeklyWeekly# Keep 4 weeks worth of backlogsRotate 4# Send errors to rootErrors Ro
label: Use strong SP on log ad BS as TT for example, if the password is lost multiple times and the locked message is displayed, password: 530-there have been too cannot unsuccessful login attempts; please see the system administrator. the related configuration parameters are/etc/security/login. the following configuration items of CFG logindisable = 7*7 failed logons lock the port logininterval = 120 * The port is locked only after 7 failed logons within 120 seconds 1. If you can log
Linux Log Management Learning1. The log describes the various events that occur on a daily basis. You can use the log to check the cause of the error or the traces of the attack. To facilitate log management, logs are usually stored under/var/log/. Some programs share a log file, while some programs use a single log file. Some large service programs have many log files, a subdirectory is created to store log files. 2. log Type/var/log/secure: System Installation log, text format, periodic analys
Getting started with Linux: logs in Linux
In Linux, the connection time logs are generally recorded by the/var/log/wtmp and/var/run/utmp files. However, these two files cannot be directly viewed by cat, the file is automatically updated by the system. You can view the file by using the w, who, finger, id, last, lastlog, and ac commands.
For process monitoring logs in Linux, process monitoring logs are effective in monitoring user operation commands,
-() root: 0 Thu Oct 11-() root: 0 Thu Oct 11 20:12-20:12 (00: 00) www.2cto.com 2. Check the specific user logon/var/log/lastlog log file to record the recent logon time of each user. Each user has only one record [html] [root @ bogon ~] # Lastlog Username Port From Latest root: 0 Wed Oct 24 03:02:36-0700 2012 bin ** Never logged in ** daemon ** Never logged in ** adm ** Never logged in ** lp ** Never logged
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.