Almost all log files are located under /var/log directory and its sub-directories on Linux. You can change to this directory using the cd command. You need be the root user to view or access log files on Linux or UNIX like operating systems. You can use the following commands to see the log files:
1. less command
2. more command
3. cat command
4. grep command
5. tail command
6. zcat command
7. zgrep command
8. zmore command
How do I view log files on Linux?
Open the Terminal or login as root user using ssh command. Go to /var/logs directory using the following cd command:
# cd /var/logs
To list files use the following ls command:
# ls
To view a common log file called /var/log/messages use any one of the following command:
# less /var/log/messages
# more -f /var/log/messages
# cat /var/log/messages
# tail -f /var/log/messages
# grep -i error /var/log/messages
Common Linux log files names and usage
§ /var/log/messages : General message and system related stuff
§ /var/log/auth.log : Authenication logs
§ /var/log/kern.log : Kernel logs
§ /var/log/cron.log : Crond logs (cron job)
§ /var/log/maillog : Mail server logs
§ /var/log/qmail/ : Qmail log directory (more files inside this directory)
§ /var/log/httpd/ : Apache access and error logs directory
§ /var/log/lighttpd/ : Lighttpd access and error logs directory
§ /var/log/boot.log : System boot log
§ /var/log/mysqld.log : MySQL database server log file
§ /var/log/secure or /var/log/auth.log : Authentication log
§ /var/log/utmp or /var/log/wtmp : Login records file
§ /var/log/yum.log : Yum command log file.
GUI tool to view log files on Linux
System Log Viewer is a graphical, menu-driven viewer that you can use to view and monitor your system logs. This tool is only useful on your Linux powered laptop or desktop system. Most server do not have X Window system installed. You can start System Log Viewer in the following ways:
Click on System menu > Choose Administration > System Log:
A note about rsyslogd
All of the above logs are generated using rsyslogd service. It is a system utility providing support for message logging. Support of both internet and unix domain sockets enables this utility to support both local and remote logging. You can view its config file by tying the following command:
# vi /etc/rsyslog.conf
# ls /etc/rsyslog.d/
In short /var/log is the location where you should find all Linux logs file. However, some applications such as httpd have a directory within /var/log/ for their own log files. You can rotate log file using logrotate software and monitor logs files using logwatch software.
Via: Linux Log Files Location And How Do I View Logs Files on Linux?.
guynaftaly 