Programming for Beginners : 2 book in 1: Linux for beginners, SQL for Beginners by Matthew Python

Author:Matthew Python [Python, Matthew]
Language: eng
Format: epub, pdf
Published: 2020-03-15T17:00:00+00:00


Syslog entry analysis

There are usually four analysis factors that determine the logging functionality. They are very important for understanding the log details.

1) Facility

2) Priority

3) Selector

4) Action

In this section we briefly discuss all four concepts so that you get a good understanding of log entry analysis.

1) Facility

This entity stores information about the file or application that sent the log report. There are many facilities available for applications such as File Transfer Protocol, mail, etc.

Here we will discuss some of the most important syslog facilities.

a) auth

When you find this in a log file, remember that it represents sensitive authorization information. Examples include login and getty.

b) cron

Cron is an automatic scheduler functionality available in the Linux system. All the log messages that are delivered by the scheduler can be found with this facility.

c) kern

The kernel, as we all know, is the most important entity that runs the Linux system. The kernel usually sends different messages to the other systems. This facility can help us dig up information about the kernel.

d) mail

The mail protocol is essential, as a lot of communication now relies on it. Using this facility, you can look at the logging information for your messages, recipients and much more.

e) ftp

File Transfer Protocol is a service that Linux offers to transfer files to a remote computer. A lot of information is logged during this procedure, and it can easily be retrieved using this facility.

There are many other facilities that can be used for better log analysis.

2) Priority

Priority is one of the important parameters in the logging system. It makes sense to look first at log files that need to be dealt with quickly. You can easily filter log files based on priority. Here are some important priorities to know.

a) emerg

This is used when there is an extremely critical condition in the system.

b) alert

An alert reminds us of the catastrophe that the system is going to face. Continuous log analysis is a must in order to look back at alerts and deal with them.

c) err

This is another parameter that needs to be looked at as soon as possible. Errors can halt system functionality.

Selector and Action

With the parameters mentioned above, we can easily filter out the valid and required logs. Even with these filters, there are often a lot of logs to track, and it is not practical to look at every log that is present. So we use the selector and action functionalities to narrow the results further, down to only the log files we are looking for.

For example, by using the selector and action we can filter only the emergency log files that deal with the system.

We need to know about Message selector and Message action before continuing to the next section.

a) Message selector

The message selector is the functionality that checks which logs are important and necessary from the bundle of log files that are available.

b) Message Action

The message action is a parameter that lets us say what to do with the selected message.
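
An added example, not taken from the book: a small Python model of how selector and action combine, using the traditional syslog.conf rule form `facility.priority action`, which the text above does not show. The rules, log file paths and function names are constructed for illustration, and only a common subset of selector syntax (`*`, comma lists, `=priority`, `none`) is handled.

```python
# Added example: evaluate syslog.conf-style "selector  action" rules.
# Priority numbers follow RFC 5424 (lower = more severe).
PRIORITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}

# Constructed sample rules; the log file paths are hypothetical.
RULES = """\
# selector              action
# an action of '*' means: message all logged-in users (traditional syslogd)
auth,authpriv.*         /var/log/auth.log
kern.emerg              *
*.err;mail.none         /var/log/errors.log
mail.*                  /var/log/mail.log
"""

def selector_matches(selector, facility, priority):
    """True if a message with this facility and priority is selected.

    Parts are joined by ';'. A 'none' part excludes the facility;
    any other part that names the facility adds to the match.
    """
    matched = False
    for part in selector.split(";"):
        fac_spec, _, prio_spec = part.strip().partition(".")
        facilities = fac_spec.split(",")
        if "*" not in facilities and facility not in facilities:
            continue  # this part does not cover the message's facility
        if prio_spec == "none":
            matched = False
        elif prio_spec == "*":
            matched = True
        elif prio_spec.startswith("="):
            matched |= PRIORITIES[priority] == PRIORITIES[prio_spec[1:]]
        else:  # plain priority: that level and anything more severe
            matched |= PRIORITIES[priority] <= PRIORITIES[prio_spec]
    return matched

def actions_for(facility, priority, rules=RULES):
    """Return the action of every rule whose selector picks the message."""
    hits = []
    for line in rules.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector, action = line.split(None, 1)
        if selector_matches(selector, facility, priority):
            hits.append(action)
    return hits
```

A kernel emergency is picked up by two rules here, while a mail error reaches only the mail log because `mail.none` removes it from the catch-all error rule.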


