IN THIS CHAPTER
Explaining log files
Using various loggers
Managing log files
Examining and analyzing log files
Few Linux books provide separate chapters on logging; they discuss log files only in the context of the applications that create them. In reality, because Linux stores all of the log files for system applications in a single directory, examining logging as a general concept provides some good insights should you ever need to try to diagnose a system problem on your SUSE system.
Logging is the way that Linux tells you what is happening, from general status information to error logging. This proves very useful for day-to-day diagnostics and should be the first port of call for any anomalies that you find on your system.
Being aware of the importance and usefulness of logs is the beginning of wisdom in terms of solving problems on a Linux system, whether it is the computer in front of you now or a customer's business-critical server.
One of the most common and useful ways of using logging in real time to diagnose a problem is to type (for instance) tail -f /var/log/messages in one terminal while running the command that is causing you the problem in another. This will show anything that is added to the log file while the problematic command runs.
We will talk about the traditional standard logging facility in Linux, syslogd; the newer and more versatile syslog-ng (next generation); and logrotate (for managing and eventually deleting the log files once written). ...