My Basic VPS Guide [15.] – The power of log files [II.]

I recently mentioned where to look for problems, but I did not talk a lot about the different log files and only described them briefly. It is valuable to know at least a little more about them, so here comes a short description of some of the log files you could possibly find. As always, it is up to you to search for more details on the Internet and in manual pages, tutorials and how-tos.

The used virtualization technology

Before I even start to talk about some of the useful log files and what they hold, I need to say one very important thing: not all log files will function properly on your particular VPS server. Whether a particular log file gives you any usable data depends on the virtualization technology your web hosting provider uses. Most of the time OpenVZ might give you only limited log files, as it is not true hardware virtualization.

VPS server log file breakdown

auth.log

This log file holds info about successful and unsuccessful authentication attempts. It would be the first log file to look in if you would like to check if any attempts to enter your system have been made.
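An added example, not from the original post: a shell function that summarises the sshd entries of an auth.log-style file per source address and flags an address whose login succeeded after repeated failures. The sample lines are constructed, and the function names, the THRESHOLD variable and the flag text are this example's own choices.

```shell
#!/bin/sh
# Added example: summarise sshd events from an auth.log-style file per source IP.
# Assumes the usual OpenSSH syslog wording ("Failed password for ...",
# "Accepted password|publickey for ... from <ip> port <n> ssh2").

# Constructed sample lines (documentation IP ranges, hypothetical host "vps").
sample_auth_log() {
cat <<'EOF'
Mar  3 10:01:11 vps sshd[1201]: Failed password for root from 203.0.113.7 port 40022 ssh2
Mar  3 10:01:14 vps sshd[1201]: Failed password for root from 203.0.113.7 port 40022 ssh2
Mar  3 10:01:19 vps sshd[1205]: Failed password for invalid user admin from 203.0.113.7 port 40110 ssh2
Mar  3 10:02:40 vps sshd[1210]: Accepted password for root from 203.0.113.7 port 40200 ssh2
Mar  3 11:15:02 vps sshd[1300]: Accepted publickey for alice from 198.51.100.20 port 51514 ssh2
Mar  3 12:30:45 vps sshd[1350]: Failed password for alice from 198.51.100.20 port 51600 ssh2
Mar  3 12:31:00 vps CRON[1360]: pam_unix(cron:session): session opened for user root by (uid=0)
EOF
}

# Print "<ip> failed=<n> accepted=<n> [flag]" per source IP, sorted.
# An IP is flagged when a login succeeds after THRESHOLD or more failures.
summarize_auth() {
    awk -v threshold="${THRESHOLD:-3}" '
    /sshd\[[0-9]+\]: (Failed|Accepted) / {
        # Use the last "from": the user name is attacker-chosen text.
        ip = ""
        for (i = 1; i < NF; i++) if ($i == "from") ip = $(i + 1)
        if (ip == "") next
        seen[ip] = 1
        if ($0 ~ /\]: Failed /) {
            failed[ip]++
        } else {
            accepted[ip]++
            if (failed[ip] >= threshold + 0) flag[ip] = " SUCCESS-AFTER-FAILURES"
        }
    }
    END {
        for (ip in seen)
            printf "%s failed=%d accepted=%d%s\n", ip, failed[ip], accepted[ip], flag[ip]
    }' "$@" | sort
}

# Usage: summarize_auth /var/log/auth.log   (reads stdin when no file is given)
sample_auth_log | summarize_auth
```

A flagged address is the one to check first: it means a password guess may have worked, so compare it with the addresses you normally log in from.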

mail.*

These log files are dedicated to all log messages related to mail. Err stands for error and log for general logs; the suffix tells you what kind of logs are included in the particular file and what the severity of the reports in the file is ;)

faillog & lastlog

These two are really hard to decipher, as on my system they really do not give any useful output by running tail [logfile]. On the other hand, by issuing the ‘lastlog’ command you will get a list of users and their most recent login date ;)

rkhunter & clamav

rkhunter.log is the log file where the rootkit hunter software places all the reports it gathers after running on your system. Check it after you run the scan to find out where the problematic files are located and how severe the problems really are. Clamav is a folder where the antivirus software stores its update reports and logs.

Apt

As you might guess this folder is dedicated to apt [the packaging system used by Debian] and holds update data.

dmesg

You might have this file or you might not, but in theory this log can be used as a command as well. By typing ‘dmesg’ or by looking into the log file itself you will see the kernel ring buffer output. It lists everything that happened after you started up your system, e.g. whether or not your network interface came up and what type it is, what CPU and RAM you have, what problems occurred during boot and much, much more. It is very detailed, but much of the information can be found in other log files as well ;) It helps a lot with troubleshooting ;)

Memento

I just hope I did not forget anything important here :) If you have any problems relating to your VPS server, then the best place to start looking for the cause and remedy is your /var/log/ directory. Many useful things can be found by closely reading the log files and analysing them. You will be asked to provide your log file output when seeking help on various help and support forums, so it is very important to know at least the basics of where to find the right info and which log file holds what information.

Have a nice day and see you next time here at Icethunder.net!
