Khwooo’s Weblog

July 13, 2007

linux system logs

Filed under: linux — khwooo @ 2:09 pm

Wow, it has been a long time since I was last here +_+


First of all, Linux logs live under /var/log/, which contains:

/var/log/messages: General messages and system-related stuff
/var/log/auth.log: Authentication logs
/var/log/kern.log: Kernel logs
/var/log/cron.log: Crond logs
/var/log/maillog: Mail logs
/var/log/httpd/: Apache access and error logs directory
/var/log/boot.log: System boot log
/var/log/mysqld.log: MySQL database server log file
/var/log/secure: Authentication log
/var/log/utmp or /var/log/wtmp: Login records file
/var/log/yum.log: Yum log files

For a detailed write-up in Chinese, see Linux 私房菜: 登錄檔的分析 (log file analysis).


split: split a file into pieces
lastlog -> /var/log/lastlog
dump-utmp -> /var/run/utmp
last -x -f (wtmp)
ac -d (wtmp)
who /var/log/wtmp

Pasted here in a hurry; check the man pages for details.
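As an added example (not part of the original post): a small Python reader for the binary wtmp login-records file that last, ac and who read, pairing each login with its logout per terminal. It assumes the 384-byte glibc struct utmp layout used on x86/x86_64 Linux; the function names and the sample records are constructed for illustration.

```python
import struct
from collections import defaultdict

# Assumption: glibc's struct utmp as laid out on x86/x86_64 Linux (384 bytes).
UTMP = struct.Struct("<h2xi32s4s32s256s2h3i16s20s")
BOOT_TIME, USER_PROCESS, DEAD_PROCESS = 2, 7, 8  # ut_type values from <utmp.h>

def text(raw):
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")  # NUL-padded field

def parse_wtmp(data):
    """Yield (ut_type, line, user, host, epoch_seconds) for each record."""
    usable = len(data) - len(data) % UTMP.size  # ignore a truncated tail
    for off in range(0, usable, UTMP.size):
        f = UTMP.unpack_from(data, off)
        yield f[0], text(f[2]), text(f[4]), text(f[5]), f[9]

def sessions(data):
    """Pair each login with its logout per terminal line; end=None if still open."""
    live, out = {}, []
    for typ, line, user, host, sec in parse_wtmp(data):
        if typ == BOOT_TIME:  # a reboot ends every session still open
            out += [(u, l, h, s, sec) for l, (u, h, s) in live.items()]
            live.clear()
        elif typ == USER_PROCESS:
            live[line] = (user, host, sec)
        elif typ == DEAD_PROCESS and line in live:
            u, h, s = live.pop(line)
            out.append((u, line, h, s, sec))
    return out + [(u, l, h, s, None) for l, (u, h, s) in live.items()]

def connect_seconds(data):
    """Sum closed-session time per user, the kind of total `ac` reports."""
    totals = defaultdict(int)
    for user, _line, _host, start, end in sessions(data):
        if end is not None:
            totals[user] += end - start
    return dict(totals)

def record(typ, line, user, host, sec):  # helper that builds sample records
    return UTMP.pack(typ, 1234, line, b"", user, host, 0, 0, 0, sec, 0, b"", b"")

# Constructed sample data, not taken from a real system.
SAMPLE = b"".join([
    record(BOOT_TIME, b"~", b"reboot", b"", 1000),
    record(USER_PROCESS, b"pts/0", b"alice", b"192.0.2.10", 1100),
    record(USER_PROCESS, b"tty1", b"bob", b"", 1200),
    record(DEAD_PROCESS, b"pts/0", b"", b"", 1700),
]) + b"\x00" * 10  # plus a truncated trailing record
```

Passing the bytes of /var/log/wtmp to sessions() in place of SAMPLE returns one tuple per login (user, line, host, start, end), with end set to None for sessions that have no logout record yet.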

Linux log files location …
CERNET Network Emergency Response Team
Linux system security (2): logs
Information Security Forum :: View article – Common system logs

