Welcome to the day-5 blog of the Linux workshop Guided by Mr Pranav Jambare .

The following Topics were covered on Day 5 of the workshop.

---

Logs

• Linux logs provide a timeline of events for the Linux operating system, applications, and system and are a valuable troubleshooting tool when you encounter issues.

• When issues arise, analyzing log files is the first thing an administrator needs to do.

• Linux has a special directory for storing logs called /var/log.

This directory contains logs from the OS itself, services, and various applications running on the system.

Here are various logs that can be found

1. Kernel log -> kernel related

2. Boot log -> Booting related

3. Cups log -> Pointer related

4. dmesg log -> Device related

5. wtmp log -> Login/Logout related

6. mail log -> Mail related

7. fail log -> failed login related

8. yum log -> package installation related

9. cron log -> Scheduling related

10. secure log -> Authentication related

11. message log -> 85-90% logs are messages

12. xorg -> graphic related

rsyslog.conf

• The rsyslog.conf file is used for configuring rsyslog service in Linux.

• It is located in "/etc/rsyslog.conf"

• "/etc/rsyslog.d/" for ubuntu

• It consist of rules, how log messages are recieved, processed and forwarded.

Facilities and Properties

Facilites:-

• Facilities are simply categories.

• Supported facilities in Linux are auth, auth-priv, cron, daemon, kern, lpr, mail, mark, news, syslog, user, uucp, and local0 through local7.

some of these are self-explanatory, but the following are of special note:

1. auth

   Used for many security events

2. auth-priv

   Used for access-control-related messages

3. daemon

   Used by system processes and other daemons

4. kern

   Used for kernel messages.

5. mark

   Messages generated by syslogd itself, which contain only a timestamp and the string --MARK--; to specify how many minutes should transpire between marks, invoke syslogd with the -m [minutes] flag.

6. user

   The default facility when none is specified by an application or in a selector.

7. * Wildcard signifying "any facility."

8. none

   Wildcard signifying "no facility."

Priorities:-

• Possible priorities in Linux are (in increasing order of urgency): debug, info, notice, warning, err, crit, alert, and emerg.

Creating a Custom Log

#move to /var/log/ directory :
[root@localhost ~]# cd /var/log/

#Create a file myLog.log :
[root@localhost log]# touch myLog.log

#Create a facility and priority in rsyslog.conf file :
[root@localhost ~]# vim /etc/rsyslog.conf

#Adding facilities and priorities in the rsyslog.conf file :
*.*             /var/log/myLog.log


#Restarting the "rsyslog.service: service :
systemctl restart rsyslog.service

#view the output dynamically using tail command
tail -f <pathToFile>

Log Rotation

• Log rotation is the process of managing log files by automatically archiving, compressing, and eventually removing old log files to prevent them from growing too large and consuming excessive disk space.

• We configure Log rotate by editing "logrotate.conf" file.

---

yum ,rpm & apt

yum

• "YUM” is an acronym that stands for “Yellowdog Updater, Modified"

• yum commands

1. yum install <packageName> -y

2. yum remove <packageName> -y

3. yum update <packageName>

4. yum list <packageName>

5. yum search <packageName>

6. yum info <packageName>

7. yum update -y

rpm:-

• RPM stands for Red Hat Package Manager.

• It is a free and open-source package managment system.

• rpm comands

1. rpm -ivh <packagename>

   to see show installation on screen

2. rpm -qpr <packagename>

   search package dependencies

3. rpm -ivh --nodeps <packagename>

   download package without dependencies

4. rpm -q<packagename>

   search package

5. rpm -qa -last<packagename>

   Lists all installed packages sorted by their installation timestamp, with the most recently installed package displayed at the top. rpm -qa -last

6. rpm -qa

   List all packages

7. rpm -uvh <packagename>

   update package

8. rpm -evv <packagename>

   remove package

apt

• Advanced package tool, or APT, is a free-software user interface that works with core libraries to handle the installation and removal of software on Debian, and Debian-based Linux distributions.

• apt commands:

1. apt -get update -y -> System update

2. apt -get check <package name>

3. apt -get upgrade <package name>

4. apt -get install <package name>=<version no.>

5. apt -get install <package1><package2>

6. apt -get install -download-only <package name>

---

Repositories

• A repository is a centralized storage location that contains software packages, metadata, and information about dependencies.

• The repo's are stored at "/etc/yum.repos.d/redhat.repo", you can navigate there using the cd command and look up the file.

Journalctl

• Journalctl is a command-line utility in Linux that allows you and is responsible to access, view and collect logs from the systemd journal.

---

Cron

• Cron is a time-based job scheduling utility, in short, it's a scheduler.

• It allows users to schedule and automate the execution of commands or scripts at specific intervals, such as daily, weekly, monthly, or at specific times of the day.

• Cron commands:

    #cronlist
    crontab -l 
  
    #cron edit
    crontab -e
  
    #Defining a cron tab
    <minute> <hours> <date> <month> <day> <command>
  

• Example

  ```plaintext #Create a file cronTest at /tmp [root@localhost tmp]# touch cronTest

  #edit the crontab file : [root@localhost ~]# crontab -e

#Enter the fields according to the sytax above

• • • • • echo "This is a cron" >> /tmp/crontest

  #use tail command to get dynamic output [root@localhost ~]# tail -f /tmp/cronTest

  #output This is a cron This is a cron ```