Network Logs Monitoring and Analysis Flashcards

1
Q

What is a log?

A

A collection of information/data on events generated in the form of an audit trail.

2
Q

Describe these logging approaches:
1) Local
2) Centralized

A

1) Logs user activities on the host machine.
2) Stores the logs generated by network devices on a central server.

3
Q

Describe these log event types:
1) Error
2) Warning
3) Information
4) Success Audit
5) Failure Audit

A

1) A significant problem such as loss of data or loss of functionality.
2) Not significant but may indicate a future problem.
3) Describes a successful operation of an application, driver, or service.
4) An audited security access attempt that is successful.
5) An audited security access attempt that fails.

4
Q

Where are Linux logs located?

A

They are located in the /var/log directory and from there are categorized by log type: auth, kern, cron, boot, httpd, mysql.

5
Q

Describe these Linux commands:
1) cat
2) tail
3) head
4) less
5) more
6) grep

A

1) Displays file contents.
2) Displays the last 10 lines of a file.
3) Shows the first 10 lines of a file.
4) Displays the contents of a file one page (screen) at a time.
5) Displays as many lines of a text file as fit on the screen at a time.
6) Searches for a specific string in a file.
