Syslog Server Linux Part 1

This time I will share my experience using the system logs in CentOS 5.5.

What are system logs in Linux?
If we work as system administrators in a company, we are responsible for securing the company's important information. We are also responsible for keeping the company's computer systems free of any errors that occur. Well, everybody, let me introduce you to the system that can handle those problems. Here it is, a big round of applause for our system, "System Log".

More about what the System Log does and why it is useful: when an error occurs on a server or client computer, we can use this service to find out what happened. We can also use it to identify an intruder who has entered the server or client, so that we can minimize theft of the company's data or information.

Location of Log Files
Most log files on a Linux system are stored in the "/var/log" directory. The easiest way to understand this is learning by doing, so have a look at that location for yourself.

Well, now let's get right to the implementation.

Try opening a terminal this way:
Click Applications > Accessories > Terminal

Then type "tail -f /var/log/messages", and information about the services and the system on our computer will appear. The same information is available through the GUI: click "System > Administration > System Log".

[Screenshot: the result in the terminal]
[Screenshot: the result in the GUI]

The information shown includes the date, the name of the computer on which the system or service runs, and details about the system and the running services. Very easy, right?

Next, suppose the server we manage is attacked and a computer X manages to get into it. The most powerful way for us to find out who is behind computer X is to look in the file "/var/log/secure".

We can view it in a terminal or through the GUI. In the terminal, open it the same way as above, and once the terminal appears, type:
tail -f /var/log/secure

[Screenshot: the result in the terminal]

We will then get the IP address of the computer that crept into our server, so we can take action against the user of that computer and track it down.
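The terminal step above, taken one step further as an added example that is not part of the original post: a small shell script that counts failed and accepted SSH password logins per source IP in a /var/log/secure-style file. The function names and the sample log lines are constructed for illustration, and the script assumes sshd's "Failed/Accepted password for ... from IP port N ssh2" line layout.

```shell
#!/bin/sh
# Added example: per-source summary of sshd password logins in a
# /var/log/secure-style file. Function names are hypothetical.

# Write constructed sample log lines (not real data) to the path in $1.
write_sample_log() {
    cat > "$1" <<'EOF'
Mar  3 10:15:01 server1 sshd[2101]: Failed password for root from 203.0.113.5 port 40122 ssh2
Mar  3 10:15:04 server1 sshd[2101]: Failed password for root from 203.0.113.5 port 40122 ssh2
Mar  3 10:15:09 server1 sshd[2105]: Failed password for invalid user from from 203.0.113.5 port 40130 ssh2
Mar  3 10:16:30 server1 sshd[2110]: Failed password for invalid user admin from 198.51.100.23 port 51514 ssh2
Mar  3 10:20:12 server1 sshd[2120]: Accepted password for alice from 192.0.2.10 port 53022 ssh2
Mar  3 10:20:12 server1 sshd[2120]: pam_unix(sshd:session): session opened for user alice by (uid=0)
EOF
}

# summarize_logins FILE
# Prints "<count> <failed|accepted> <source-ip>", highest count first.
summarize_logins() {
    awk '
        / sshd\[[0-9]+\]: (Failed|Accepted) password for / {
            # The user name is chosen by the remote side and may itself be
            # "from", so locate the address by counting from the end of the
            # line ("from <ip> port <n> ssh2") instead of the first "from".
            if (NF < 5 || $(NF - 4) != "from" || $(NF - 2) != "port") next
            result = ($0 ~ /: Failed password for /) ? "failed" : "accepted"
            print result, $(NF - 3)
        }
    ' "$1" | LC_ALL=C sort | uniq -c | awk '{ print $1, $2, $3 }' |
        LC_ALL=C sort -k1,1nr -k2
}

# noisy_sources FILE MIN
# Prints every source IP with at least MIN failed password attempts.
noisy_sources() {
    summarize_logins "$1" |
        awk -v min="$2" '$2 == "failed" && $1 + 0 >= min + 0 { print $3 }'
}

# Demo on the constructed sample; on a real server pass /var/log/secure.
sample=$(mktemp)
write_sample_log "$sample"
summarize_logins "$sample"
rm -f "$sample"
```
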

If you prefer a graphical interface, that way is easy too.
System > Administration > System Log > Secure

The same information will then appear as in the terminal.
[Screenshot: the result in the GUI]
