Q. I am new to Linux and I would like to know where are the log files located under Debian or Cento OS Linux server? How do I open or view log files?
A. Almost all logfiles are located under /var/log directory (and subdirectory). You can change to this directory using cd command but you need to be the root user. You can use less, more, cat or tail command to see the logs.
Go to /var/logs directory:# cd /var/logsView common log file /var/log/messages using any one of the following command:# tail -f /var/log/messagesOutput:
# less /var/log/messages
# more -f /var/log/messages
# vi /var/log/messages
Jul 17 22:04:25 router dnsprobe[276]: dns query failed Jul 17 22:04:29 router last message repeated 2 times Jul 17 22:04:29 router dnsprobe[276]: Primary DNS server Is Down... Switching To Secondary DNS server Jul 17 22:05:08 router dnsprobe[276]: Switching Back To Primary DNS server Jul 17 22:26:11 debian -- MARK -- Jul 17 22:46:11 debian -- MARK -- Jul 17 22:47:36 router -- MARK -- Jul 17 22:47:36 router dnsprobe[276]: dns query failed Jul 17 22:47:38 debian kernel: rtc: lost some interrupts at 1024Hz. Jun 17 22:47:39 debian kernel: IN=eth0 OUT= MAC=00:0f:ea:91:04:07:00:08:5c:00:00:01:08:00 SRC=61.4.218.24 DST=192.168.1.100 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=21599 DF PROTO=TCP SPT=59297 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Common Linux log files name and usage
- /var/log/message: General message and system related stuff
- /var/log/auth.log: Authenication logs
- /var/log/kern.log: Kernel logs
- /var/log/cron.log: Crond logs (cron job)
- /var/log/maillog: Mail server logs
- /var/log/qmail/ : Qmail log directory (more files inside this directory)
- /var/log/httpd/: Apache access and error logs directory
- /var/log/lighttpd: Lighttpd access and error logs directory
- /var/log/boot.log : System boot log
- /var/log/mysqld.log: MySQL database server log file
- /var/log/secure: Authentication log
- /var/log/utmp or /var/log/wtmp : Login records file
- /var/log/yum.log: Yum log files
In short /var/log is the location where you should find all Linux logs file. However some applications such as httpd have a directory within /var/log/ for their own log files. You can rotate log file using logrotate software and monitor logs files using logwatch software.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
{ 35 comments… read them below or add one }
Very informative. Helped me :) thumbs up
Very nice, thanks a lot
dear talent,
Can u help me how to redirect the /var/log/messages to email.
DNS server if any clients query log will stores /var/log/messages files i need to send those lof files in ip wise daily or weekly.
how shell i do it.
Dear Vivek,
I had an automatic reboot system in my server linux and I donĀ“t find any evidence about the cause that could produce that.
Can you explain me where I have to looking for logs of error that guide me to find automatic reboot cause?.
Regards,
Gonzalo R.
your permissions. you can set it so a remote user can shut down the server. change permissions on shutdown or search your distributions forum and post if you do not find an answer in there or in google.
some distributions are setup that way by default, which is kind of annoying. Means if anyone logs in remotely in any way, they can turn you off or reboot you. NOT FUNNY. I hope you have a firewall and have it enabled.
where can i find the AT command logs. how to find out when the last time AT command run.
Thank you very much.
Chandra You can do this by opening a terminal and typing #cd /var/log/ and may view the files in the directory by typing #ls . You may view the log by typing #vi /var/log/messages .
I can see a lot of the following error in my system and I cannot understand what it means, can yu shed somelight on it
Feb 22 04:40:00 msuic3 msu6_6: ciMonitor 3 of 131 registered tasks Failed!
It’s a fruitful information…
Thanks a lot vivek
Hi,
I want classify logs and store it in a database. Into what categories can/should I classify them.
Thank you,
Sparrow
Hi there Linux users, I have bean trying to in stall Debian Lenny beta 2-i386 in a raid 0 con fig, on my p/c
the hard ware is all set up for raid 0, I am having difficulty with the configuration of the partitons, boot sector, file type, the “type of file allocation table” to install. I have bean trying to track down the
var/log, but I cant find that, the location was “http://192.2.2/var/log/partman_choose_partitiion_o.png
I have bean using pure dyne live CD to help me ,but I still was not able to look at the “/var/logs,
invariable I think I need expert help. thank you in advance
this is a reply to my last message , I have given up on trying to install Linux on a virtual raid 0 system, so I ended up installing win 98 se with a new web browser OPERA and it runs like a hot dam, by far this is my most complex P/C to date, in one respect by the things it can do, the open source community has truly bean a liberator for me , not to mention Debian lenny -57-i386 1.iso I know this is old hat by computer standards , I was having problems trying to install NDISWRAPPER on an i386 architecture , and it did not help when my PC was hacked and I was effectively locked out of my p/c, no thanks to VLUG in Victoria but thats a “Hole” different story, I ended up installing ndiswrapper with a new O/S on a network complete with a bunch of other computers , I am currently working on a new black project , but that is top secret .
I have a basic account in linux of my intitue. How can i know all the login sessions done in my account ,their timing etc… an i also know any ftp or ssh done in my account?????
Just type
last
it will tell you when, what ip address, time in and out , and for how long
Thanks. I have a question: does Linux record the software installation process? For example I use apt to install some software in Debian but I would like to know where it puts the files. Can it be found in log file?
hi friends,
i have smb server and i want to know the logs of each and every folder those who access please help its very urgent…..
pls go to /var/log/messages file there you will find your all logs of smb server
thanks, it helped me
how can we check online redo log file is full or empty?
Which command use to routed logs in linux
thanks, it helped me a lot. To know about log files this is very helpful…
Someone desintalled an application on my Linux server ( Control_M) – What log file should I search for that – and find out who is doing it?
Hi,
I am new to Linux, Can u pls any one of u tell me how to copy files using “rcp” from the remote location and what r da min requirements to my system.
Hi,
[1] What log files in /var/logs can we safely delete to free up hard-disk space?
[2] System reports “Disk-Controller Failure” then which log files in /var/logs should we check?
/var/log/kern.log
/var/log/boot.log
or some other log files?
hi, i am having webserver in linux and mail server in windows.
in our websites we have contuct us page from that we are not able to get any email.
Can anyone help me in this reg
Let me know which linux distribution is used , and the web server having public domain ?
Dear naresh,
there is coomand –
#rsync -r Ipaddress :location of data
example :
#rsync -r192.168.0.18 :/root/slides
rgds
amit
Trace of runtime activities in UNIX
I’ve taken a project to work upon tracing of runtime activities on unix system
into a log file. Like, to implement a program which will show the log of everything
happened in past, including many requirements, like applications i used (with the time of access),
kind of files/directories i opened, closed, created, deleted(with the time), etc.
Please suggest me something to do it in a better way.
How can i archive all the log files in redhat enterprise linux5?
Your help would be really appreciated.
Thanks
I’m confused what does the following command do :
sudo cat /var/log/messages | grep err | -d” -f5
It re-routes the encryption code
Thanx man ..!!!
:-)
Is anyone able to tell me why I can no longer get Outlook to recognize email address spammaster@domain.com after deleting maillog files to make more room on our email server. This was set up as a forward of all spam so it could be reviewed.
We are running spammaster with sendmail on a FreeBSD server.