Logs Flashcards
Where are log messages located?
/var/log
Where are ssh login logs stored?
/var/log/secure
Where are system logs stored?
/var/log/messages
What is journald?
journal daemon for systemd
Aggregates logs across system into one location
How do you get the man page for journald?
man systemd-journald
How do you access journals?
journalctl
- x Additional information
- f Follow
- dumps all information inside journal daemon
Where are journal messages stored by default?
/run/log/journal */run directory is ephemeral like var (not persistent)
How would you make journal messages persistent?
Edit /etc/systemd/journald.conf
Storage=persistent
systemctl restart systemd-journald
*journal messages will be stored /var/log/journal
How can you get information on the boot performance?
systemd-analyze
systemd-analyze blame
*blame details how long each unit configuration file took
What determines the log level for logs?
/etc/rsyslog.conf
What are the different log levels?
“emerg” (0), “alert” (1), “crit” (2), “err” (3), “warning” (4), “notice” (5), “info (6), “debug” (7)
i.e journalctl -p info
