Linux User Group of Gaia's Tip, Tricks, How-tos, and FAQs

System Logging Explained in Linux

In Linux, a variety of log files are maintained, and understanding them is often vital for troubleshooting system problems. Centralized logging is provided by two daemons:
- syslogd
- klogd
For example, running the 'ps' command on my system gives the following output ...


The log files generated by these daemons, as well as the log files generated by applications such as apache and squid, are stored under the /var/log directory. Some of the more important log files that a system administrator should know are as follows:
/var/log/dmesg - This log file is written upon system boot. It contains messages from the kernel that were raised during the boot process. You can also view them using the command:

This log file can be viewed by any non-privileged user. But the next three log files are readable only by root.

/var/log/messages - This is the standard system log file, which contains messages from all your system software, non-kernel boot issues, and messages that go to 'dmesg'.

/var/log/maillog - This log file contains messages and errors from sendmail.

/var/log/secure - This log file contains messages and errors from security-related systems such as login, tcp_wrappers, and xinetd. This log file is very useful in detecting and investigating network abuse.
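The abuse-detection use of /var/log/secure mentioned above, as an added example that is not part of the original page: a shell function that counts failed sshd password attempts per source address and reports the sources at or above a threshold. The log lines are constructed samples in the traditional syslog format, and the function names and the threshold are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample of /var/log/secure content (not taken from a real host).
sample_secure_log() {
    cat <<'EOF'
Mar  3 10:15:01 gaia sshd[2201]: Failed password for root from 192.0.2.10 port 40022 ssh2
Mar  3 10:15:04 gaia sshd[2201]: Failed password for invalid user admin from 192.0.2.10 port 40023 ssh2
Mar  3 10:15:09 gaia sshd[2207]: Failed password for root from 192.0.2.10 port 40031 ssh2
Mar  3 10:15:12 gaia sshd[2209]: Failed password for invalid user from from 192.0.2.10 port 40040 ssh2
Mar  3 10:16:40 gaia sshd[2230]: Accepted password for alice from 198.51.100.7 port 51514 ssh2
Mar  3 10:17:02 gaia sshd[2244]: Failed password for bob from 203.0.113.5 port 39000 ssh2
Mar  3 10:18:11 gaia login[2301]: FAILED LOGIN 1 FROM (null) FOR guest, Authentication failure
EOF
}

# failed_ssh_by_source THRESHOLD [FILE...]
# Prints "count address" for every source with at least THRESHOLD failed
# sshd password attempts, highest count first. Reads stdin if no FILE is given.
failed_ssh_by_source() {
    min=$1
    shift
    awk -v min="$min" '
        /sshd\[[0-9]+\]: Failed password for / {
            # The user name is chosen by the remote client, so it cannot be
            # trusted as a field anchor. Scan from the end of the line for
            # the "from <address> port" triple that sshd itself writes.
            for (i = NF - 2; i >= 1; i--)
                if ($i == "from" && $(i + 2) == "port") {
                    count[$(i + 1)]++
                    break
                }
        }
        END {
            for (ip in count)
                if (count[ip] >= min)
                    print count[ip], ip
        }
    ' "$@" | sort -k1,1nr -k2,2
}

# Stand-alone run on the constructed sample: sources with 3 or more failures.
sample_secure_log | failed_ssh_by_source 3
```

On a real system the function would be run as root against the log itself, for example `failed_ssh_by_source 5 /var/log/secure`.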

As I said earlier, the syslogd and klogd daemons provide centralized logging in Linux. The configuration file for syslogd is /etc/syslogd.conf. System logging is provided by syslogd, while klogd intercepts kernel messages and passes them to the syslogd daemon.

The /etc/rc.d/init.d/syslog script controls both the syslogd and klogd daemons. Messages can be logged to files, broadcast to connected users, written to the console, or even transmitted to remote logging daemons across the network. By default, messages of emergency or higher (more severe) are broadcast to all users, and most other messages are written to the /var/log/messages file, which is where you should look for non-kernel boot errors and error messages from most application-level services, such as automount and login services. After system boot, kernel messages are also written to this file.

Usually a system administrator will run the command:


at the console, to get a running display of the messages logged by the syslogd daemon. Thus he will be able to keep track of any system-wide errors that may be generated.
