系统日志和日志文件log
?
?
?
----------------------系统日志 message
tail -f /var/log/message*
?
?
?
----------------------系统日志配置文件/etc/syslog.conf
[root@kolvin log]# vim /etc/syslog.conf
# The authpriv file has restricted access.
authpriv.*????????????????????????????????????????????? /var/log/secure
# Log all the mail messages in one place.
mail.*????????????????????????????????????????????????? -/var/log/maillog
# Log cron stuff
cron.*????????????????????????????????????????????????? /var/log/cron
# Everybody gets emergency messages
*.emerg???????????????????????????????????????????????? *
# Save news errors of level crit and higher in a special file.
uucp,news.crit????????????????????????????????????????? /var/log/spooler
# Save boot messages also to boot.log
local7.*??????????????????????????????????????????????? /var/log/boot.log
?
?
?
?
----------------------特殊日志文件
/var/log/wtmp 包含用户登陆系统和退出系统的记录,以二进制形式保存
/var/log/lastlog类似wtmp ,以二进制形式保存
?
----------------------内核和启动日志
?
?
----------------------日志轮换工具logrotate
配置文件/etc/logrotate.conf
?/etc/logrotate.d/
?
ubuntu下也有savelog
?
----------------------系统事件的日志程序syslog
?
/var/log/syslog
/var/log/secure 系统安全日志
/var/log/wtmp 记录登陆者的数据
/var/log/lastlog 记录登陆时间
/var/log/dmesg? 系统启动日志
dmesg | grep error
?
?
?
?
?
?
?
?
?
?
