Logging articles

Last change: 2025-01-06

The kernel ring buffer on Linux stores information about important kernel events that can be used by the system administrator to troubleshoot.

Last change: 2025-01-06

SSH logs authentication attempts, but where? Find your SSH log file with these tips, such as in /var/log/auth.log or in the systemd journal.

Last change: 2025-01-06

Secure system and user services by restricting systemd units to read or write to the kernel log ring buffer with the unit setting ProtectKernelLogs.

Last change: 2025-01-06

Learn how to define the maximum size that the systemd journal daemon may use on Linux systems for storing journals and limit its disk usage.

Last change: 2025-01-06

Linux systems using systemd store kernel events in the journal logs. Show these entries with the '--dmesg' or '-k' option, optionally with a date.

Last change: 2025-01-06

Nginx is flexible when it comes to what should be logged in the access.log. With the combination of a map and if-statement, this can be achieved very easily!

Last change: 2025-01-06

Linux users who want to compliant with PCI DSS have to restrict log file viewing to only the owner. Learn how to achieve this.

Last change: 2025-01-06

Snoopy is a useful utility to log commands on Linux and create a related audit trail. Auditing trails are considered to be important for proper accounting.

Last change: 2025-01-06

Guide to setup central audit logging for your Linux based systems, with the use of the powerful Linux audit framework. No single audit log should get lost!