An introduction to Linux log files
Before you start with this guide it is recommended that you login to your VPS and follow this guide while looking at the files in there, as that is the best way to learn and memorize the things.
Learn about the log files when your system is running smoothly as understanding the log files will help you to successfully troubleshoot and fix any problems that might occur later on.
Finally, ‘Linux log files’ is a pretty extensive topic and it is unlikely to be fully covered in just one article. This article can probably serve just as a general guideline. Each application installed on the system has its own logging mechanism so whenever you need application specific information then the application documentation is the best place to look for it.
General log files
As a general standard in almost every Linux system, the log files are located in the
/var/log directory. Any other applications that you may later install on your system will probably throw their log messages here. Once you log on your system issue the
ls -l /var/log command to view the contents of this directory.
/var/log/messages – Most of the general system messages are logged here including the messages during the system startup.
/var/log/cron – The cron daemon messages are logged here. Started and stoped jobs as well as failure messages.
/var/log/mail.log – Log information from the mail server running on the server.
/var/log/wtmp – Contains all login and logout history.
/var/log/btmp – Records failed login attempts.
/var/run/utmp – Logs the present login state of each user.
/var/log/dmesg – This contains very important messages about the kernel ring buffer. In human terms this means that when the kernel spins up it logs all of the information here. The command
dmesg can be used to view the messages of this file.
/var/log/secure – Security related messages will be stored here. This includes messages from the SSH daemon, failed passwords, nonexistent users etc.
/var/log/mariadb – If MariaDB is installed on the system then this is the location where it will throw the logs by default
/var/log/mysql – If the MySQL database is installed this is the default logging directory.
Viewing and controlling log files
The primary logging Linux daemon is the
rsyslogd process and its configuration is located
For all of the plain-text log files, the logs can be viewed with the
cat command. However, if the log file is very big then you might wish to use the
tail command which can show only the last part of the log.
tail -n 500 /var/log/messages – to view the last 500 entries of the file.
To monitor the logs in real time
tail -f is also a very useful command which will monitor the messages as they are logged. This is particularly useful when troubleshooting mail flows and mail delivery errors.
tail -f /var/log/maillog
Some Linux logs are like binary files which need to be parsed by another application specifically tailored for viewing these logs. These logs are stored in
To view the contents of
To view the contents of
To view the contents of
cPanel specific log files
/usr/local/apache/logs/ – General Apache logs.
/usr/local/apache/domlogs/ – Domain specific logs.
cPanel log files:
/usr/local/cpanel/logs/ – All of the cPanel related messages are in this location.
DirectAdmin specific log files
DirectAdmin log files
/var/log/directadmin/ – DirectAdmin related logs.
Apache log files
/var/log/httpd/ – The Apache web-server are logged into the standard directory.
/var/log/httpd/domains/ – For all of the other domains the logs are in this sub-directory.
FTP log files
/var/log/proftpd/ – If ProFTPd is used.
/var/log/pureftpd.log – If PureFTPd is used.
Exim log files
/var/log/exim/ – Exim mail transfer agent logs are in this directory.
MySQL log files
/var/lib/mysql/server.hostname.com.err – This is the logging directory for errors related to the MySQL databases.
CentOS specific log files
/var/log/yum.log – Logs from the Yum package manager.
/var/log/httpd – On CentOS/RedHat based systems this is where the Apache web-server will store the logs by default.
Ubuntu specific log files
/var/log/apache2/ – On the Ubuntu systems the Apache web-server logs are stored in this directory.
/var/log/apt/ – Logs from the Ubuntu’s package management.
Arch Linux specific log files
/var/log/pacman – Pacman package manager logs on the Arch Linux distros.
If you have any questions feel free to comment below or sign up for our hosting services and contact our EPIC Support Team. They are available 24/7 and they will take care of your request immediately.
PS. If you liked this post please share it with your friends on the social networks using the sharing buttons or simply leave a reply below. Thanks.