Home > Article > Operation and Maintenance > Different types of Linux log files and setting steps
Linux log file types and configuration methods
In the Linux system, log files are very important. They record the running status of the system, user operations and various the occurrence of such events. By checking log files, system administrators can discover problems in time and handle them accordingly. This article will introduce the common types of log files in Linux systems and how to configure logging.
1. Log file types
System log: System log is a log file that records the running status of the system, including system startup, shutdown, service startup and stop, and other information. Common system log files include:
Authentication log: The authentication log records the user's login into the system, including information such as successful login and failed login. Common authentication log files include:
#Application log: The application log records the running status of various applications, including error messages, warning messages, etc. Different applications may record logs to different files. Common application log files include:
Security log: The security log records system security events, such as Intrusion attempts, firewall rule changes, etc. Common security log files include:
#Kernel log: The kernel log records the running status of the system kernel, including various hardware information, error information, etc. Common kernel log files include:
2. Configuration method
Configuring log rotation: Since log files will continue to grow, in order to save disk space, you need to configure logs Rotate. Log rotation can be achieved by modifying the logrotate configuration file, such as the /etc/logrotate.conf file. The following is a simple configuration example:
/var/log/syslog { size 100M rotate 4 create compress }
The above configuration means that when the syslog log file reaches 100M, it will be rotated, a maximum of 4 old logs will be retained, and the old logs will be compressed.
Configure log level: Sometimes we need to filter log information of different levels, which can be achieved by configuring the syslog level. Different levels can be set by modifying the rsyslog configuration file, such as the /etc/rsyslog.conf file. The following is a simple configuration example:
*.info /var/log/messages auth.* /var/log/auth.log
The above configuration means that the info level logs are written to the messages file, and all authentication-related logs are written to the auth.log file.
Configure log splitting: Sometimes we need to split logs by time, which can be achieved by configuring cron scheduled tasks. You can create a shell script to implement log splitting and add it to a cron scheduled task. The following is a simple script example:
#!/bin/bash DATE=$(date +"%Y%m%d") cp /var/log/syslog /var/log/syslog.$DATE echo "" > /var/log/syslog
The above script indicates that the syslog log file will be backed up and cleared every day so that the logs can be recorded by date.
Through the above configuration methods, we can better manage the log files in the Linux system, discover and solve problems in time. Hope this article is helpful to you.
The above is the detailed content of Different types of Linux log files and setting steps. For more information, please follow other related articles on the PHP Chinese website!