Where can I find the Centos Syslog Files?

Where can I find the Centos Syslog Files?

Hello Jess Wwagner

There are two methods of viewing system log files or any other log files on Centos.

1) All the log files are located under the directory "var/log", and its subdirectories, to go to this directory use the cd command but you have to be the root user. You can use less, more or tail command to see the log files.

Example

Go to /var/logs

# cd /var/logs

In this example i am viewing "message" log file

# tail -f /var/log/massages

# less /var/log/massages

# more -f /var/log/massages

# vi /var/log/massages

Use any above to view log files. In your case you have to change the syntax to " var/log/boot.log" it will show  you the system boot log files.

The output for my log file is

Jul 17 22:04:25 router  dnsprobe[276]: dns query failed

Jul 17 22:04:29 router last message repeated 2 times

Jul 17 22:04:29 router  dnsprobe[276]: Primary DNS server Is Down… Switching To Secondary DNS server

Jul 17 22:05:08 router  dnsprobe[276]: Switching Back To Primary DNS server

Jul 17 22:26:11 debian — MARK —

Jul 17 22:46:11 debian — MARK —

Jul 17 22:47:36 router  — MARK —

Jul 17 22:47:36 router  dnsprobe[276]: dns query failed

Jul 17 22:47:38  debian kernel: rtc: lost some interrupts at 1024Hz.

Jun 17 22:47:39  debian kernel: IN=eth0 OUT= MAC=00:0f:ea:91:04:07:00:08:5c:00:00:01:08:00 SRC=61.4.218.24 DST=192.168.1.100 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=21599 DF PROTO=TCP SPT=59297 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0You will get a similar output like this

You will get a similar out put like this.

Here are some of the common Linux log files and there usage.

/var/log/message: General message and system related stuff

/var/log/auth.log: Authentication logs

/var/log/kern.log: Kernel logs

/var/log/cron.log: Crond logs (cron job)

/var/log/maillog: Mail server logs

/var/log/qmail/ : Qmail log directory (more files inside this directory)

/var/log/httpd/: Apache access and error logs directory

/var/log/lighttpd: Lighttpd access and error logs directory

/var/log/boot.log : System boot log

/var/log/mysqld.log: MySQL database server log file

/var/log/secure: Authentication log

/var/log/utmp or /var/log/wtmp : Login records file

/var/log/yum.log: Yum log files

2) To view log files in an interactive way use "System Log Viewer" application. Remember most log files are in plain text  format so you can view them with any text editor such as V1 or Emacs also root privileges are required to view most of the files.

To start the application, go to "Application" in main menu on the panel than go to "System" than to "System logs, or type the command "gnome-system-log" at the shell prompt. You will have something like this

Obviously your will differ than mine.

Now if you want to filter the content. Click on the "View" and then on "Filter" like this

A the bottom you will see the "Filter" field. Write there any keyword you want to filter.If you want to clear you Filter field than click on "Clear".

I hope this info will Solve your problem.

Thanks