13

Logging and Log Security

System logs are an important part of every IT administrator’s life. They can tell you how well your system is performing, how to troubleshoot problems, and what the users—both authorized and unauthorized—are doing on the system.

In this chapter, I’ll give you a brief tour of the Linux logging systems, and then show you a cool trick to help make your log reviews easier. Then, I’ll show you how to set up a remote logging server, complete with Transport Layer Security (TLS)-encrypted connections to the clients.

The topics that we will be covering are:

  • Understanding the Linux system log files
  • Understanding rsyslog
  • Understanding journald
  • Making things easier with Logwatch
  • Setting up a remote log server
  • Maintaining Logs ...

Get Mastering Linux Security and Hardening - Third Edition now with the O’Reilly learning platform.
