Different types of Linux log files and setting steps

Linux log file types and configuration methods

In the Linux system, log files are very important. They record the running status of the system, user operations and various the occurrence of such events. By checking log files, system administrators can discover problems in time and handle them accordingly. This article will introduce the common types of log files in Linux systems and how to configure logging.

1. Log file types

1. System log: System log is a log file that records the running status of the system, including system startup, shutdown, service startup and stop, and other information. Common system log files include:

   • /var/log/syslog: Record the overall operating status of the system
   • /var/log/messages: Record the log of important system events

2. Authentication log: The authentication log records the user's login into the system, including information such as successful login and failed login. Common authentication log files include:

   • /var/log/auth.log: records authentication-related logs
   • /var/log/secure: records user access to the system Security related information

3. #Application log: The application log records the running status of various applications, including error messages, warning messages, etc. Different applications may record logs to different files. Common application log files include:

   • /var/log/apache2/access.log: Record the access log of the Apache server
   • /var/log/nginx/error.log: Record the error log of the Nginx server

4. Security log: The security log records system security events, such as Intrusion attempts, firewall rule changes, etc. Common security log files include:

   • /var/log/auth.log: records authentication-related logs
   • /var/log/secure: records the security of user access to the system Related information

5. #Kernel log: The kernel log records the running status of the system kernel, including various hardware information, error information, etc. Common kernel log files include:

   • /var/log/kern.log: records kernel-related operating status
   • /var/log/messages: logs that record important system events

2. Configuration method

1. Configuring log rotation: Since log files will continue to grow, in order to save disk space, you need to configure logs Rotate. Log rotation can be achieved by modifying the logrotate configuration file, such as the /etc/logrotate.conf file. The following is a simple configuration example:

   /var/log/syslog {
    size 100M
    rotate 4
    create
    compress
   }

   The above configuration means that when the syslog log file reaches 100M, it will be rotated, a maximum of 4 old logs will be retained, and the old logs will be compressed.

2. Configure log level: Sometimes we need to filter log information of different levels, which can be achieved by configuring the syslog level. Different levels can be set by modifying the rsyslog configuration file, such as the /etc/rsyslog.conf file. The following is a simple configuration example:

   *.info /var/log/messages
   auth.* /var/log/auth.log

   The above configuration means that the info level logs are written to the messages file, and all authentication-related logs are written to the auth.log file.

3. Configure log splitting: Sometimes we need to split logs by time, which can be achieved by configuring cron scheduled tasks. You can create a shell script to implement log splitting and add it to a cron scheduled task. The following is a simple script example:

   #!/bin/bash
   DATE=$(date +"%Y%m%d")
   cp /var/log/syslog /var/log/syslog.$DATE
   echo "" > /var/log/syslog

   The above script indicates that the syslog log file will be backed up and cleared every day so that the logs can be recorded by date.

Through the above configuration methods, we can better manage the log files in the Linux system, discover and solve problems in time. Hope this article is helpful to you.

The above is the detailed content of Different types of Linux log files and setting steps. For more information, please follow other related articles on the PHP Chinese website!