Log files are a gold mine of information for the system administrator. You can use your log files to detect intruders on your system and to troubleshoot problems with it. In this part of the chapter, I’ll teach you how to manage and use your system log files. I’ll cover the following topics:
• Configuring log files
• Using log files to troubleshoot problems
• Using log files to detect intruders
Let’s begin by discussing how to configure your log files.
Your system log files are stored in the /var/log directory, shown in Figure 17-16.
Notice in Figure 17-16 that there are a number of subdirectories in /var/log where system daemons, such as mysql, apparmor, audit, samba, ...