Logs & Auditing

Comprehensive guides on system logging, audit trails, compliance monitoring, and security event analysis for enterprise applications and infrastructure.

Articles in Logs & Auditing

How to see last logins → last, lastlog, faillog
Learn how to monitor user login activity on Linux systems using last, lastlog, and faillog commands. Complete guide with examples, troubleshooting, and best practices.
How to set audit rules → auditctl -w -p rwa -k
Learn how to set Linux audit rules using auditctl -w command. Complete guide with examples, troubleshooting, and best practices for system monitoring.
How to report audit summary → aureport
Learn how to generate comprehensive audit reports using aureport command in Linux. Complete guide with examples, troubleshooting, and best practices for system administrators.
How to search audit logs → ausearch -k
Learn how to search Linux audit logs using ausearch -k command. Complete guide with examples, troubleshooting, and best practices for system administrators.
How to send a test log → logger "hello from logger"
Learn how to send test logs to loggers with "hello from logger" examples. Complete guide covering Python, Node.js, Java logging with code snippets and troubleshooting.
How to vacuum old logs → journalctl --vacuum-time=7d
Learn how to manage systemd journal logs efficiently using journalctl --vacuum-time=7d. Complete guide with examples, troubleshooting, and best practices.
How to show logs since time → journalctl --since "2025-08-01"
Learn how to use journalctl --since to view system logs from specific dates and times. Complete guide with examples, time formats, and troubleshooting tips.
How to show logs for a unit → journalctl -u
Learn how to view systemd unit logs using journalctl -u command. Complete guide with examples, filtering options, troubleshooting tips, and best practices.
How to follow live logs → journalctl -f
Learn how to monitor live system logs in real-time using journalctl -f command. Complete guide with examples, filtering options, and troubleshooting tips.
How to read system logs → journalctl
Master journalctl command to read, filter, and analyze system logs in Linux. Complete guide with examples, troubleshooting, and best practices for log management.