In this article, I will discuss how you can monitor your log files on a Linux server, which is one of the key tasks of any Linux system administrator. But before that, let’s discuss what a log file is.
What is a Log File
According to Wiki, a log file is a file that records either events that occur in an operating system or other software runs, or messages between different users of communication software. Logging is the act of keeping a log. In the simplest case, messages are written to a single log file.
So a log is basically a record of events captured by a piece of software. Now that we know what a log file is, let’s discuss the most common log files in Linux that we should know as system administrators.
There are many logs available on Linux systems, and in this article we will discuss the top log files that are used by the Apache server.
Apache Access log
The first log file we will discuss is the Apache access log. The Apache access log is one of several log files produced by an Apache HTTP server. This particular log file is responsible for recording data for all requests processed by the Apache server. So if an individual visits a webpage on your site, the access log file will contain details regarding this event. To view the Apache access log, please run this command in your terminal.
watch tail -n 15 /var/log/httpd/access_log
Apache Error Log
The next topic is the Apache error log. The Apache error log is where Apache records information about any errors or anomalies it encounters. Many of the “errors” Apache records are typically minor, such as a visitor requesting a file that doesn’t exist. To view the Apache error log, please run this command in the terminal.
watch tail -n 15 /var/log/httpd/error_log
Top 10 visitors
Let’s say we want to find the top 10 visitors to our site. We can run this command, which counts the requests made by each client address in the access log and lists the 10 busiest.
awk '{ print $1}' access.log.2016-05-08 | sort | uniq -c | sort -nr | head -n 10
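The one-liner above counts requests only. For investigation work it is often more useful to see which clients generate the most error responses, so the following added example (not part of the original article) reports 4xx/5xx and total request counts per client. It assumes Apache's common or combined log format; the function names `make_sample_log` and `error_clients` are hypothetical and the log lines are constructed.

```sh
#!/bin/sh
# Added example: per-client error counts from an Apache access log.

# Write a small constructed access log (combined format) to the path in $1.
make_sample_log() {
    cat > "$1" <<'EOF'
203.0.113.5 - - [08/May/2016:10:00:01 +0000] "GET / HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.5 - - [08/May/2016:10:00:02 +0000] "GET /admin HTTP/1.1" 403 199 "-" "Mozilla/5.0"
203.0.113.5 - - [08/May/2016:10:00:03 +0000] "GET /missing HTTP/1.1" 404 210 "-" "Mozilla/5.0"
198.51.100.7 - - [08/May/2016:10:00:04 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "curl/7.47.0"
198.51.100.7 - - [08/May/2016:10:00:05 +0000] "-" 408 - "-" "-"
192.0.2.10 - - [08/May/2016:10:00:06 +0000] "POST /login HTTP/1.1" 500 512 "-" "Mozilla/5.0"
192.0.2.10 - - [08/May/2016:10:00:07 +0000] "GET /a b HTTP/1.1" 404 210 "-" "Mozilla/5.0"
192.0.2.10 - - [08/May/2016:10:00:08 +0000] "GET /x HTTP/1.1" 404 210 "-" "Mozilla/5.0"
192.0.2.10 - - [08/May/2016:10:00:09 +0000] "GET /y HTTP/1.1" 404 210 "-" "Mozilla/5.0"
EOF
}

# Print "errors total ip" per client, most errors first.
# $1 = log file, $2 = number of clients to show (default 10).
# Splitting on double quotes keeps the status code in a fixed place even when
# the request line is "-" (timeouts) or contains a space, both of which shift
# the whitespace-separated field numbers.
error_clients() {
    awk -F'"' '
        NF >= 3 {
            split($1, pre, " ");  ip = pre[1]        # client address
            split($3, post, " "); status = post[1]   # status follows the quoted request
            total[ip]++
            if (status ~ /^[45][0-9][0-9]$/) errors[ip]++
        }
        END { for (ip in total) print errors[ip] + 0, total[ip], ip }
    ' "$1" | sort -k1,1nr -k2,2nr -k3,3 | head -n "${2:-10}"
}

# Demo on the constructed sample.
log=$(mktemp) && make_sample_log "$log" && error_clients "$log" 5
rm -f "$log"
```

A request line that itself contains an escaped double quote would still confuse the quote-based split; such lines are rare but worth checking by hand when the counts look wrong.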
Conclusion
Logs are an essential part of any application. We need logs to debug and analyze issues. All good software keeps logs of its main events, which helps system administrators and developers debug their applications in a production environment. In this article, I have discussed the key log files in Apache and how we can easily use them to do some forensic investigation.