13

I can check all kinds of error info with Event Viewer, but I'm not yet aware whether there is such a utility in Linux.

I can only check the error logs of a specific application.

Or is there such a tool in Linux too?

wamp
  • I am sorry, but even under Windows you cannot see **all** the types of logs with the **Event Viewer**. There are a large number of services and applications that create their own logs. – Zoredache May 31 '10 at 08:53

3 Answers

8

In Linux/Unix/Posix (but from here I'll just say 'Linux') all the logs are written as text files - so anything which reads text files can read the logs.

What you see in MSWindows Event Viewer are the messages logged by the system logging facility - there is nothing to prevent applications writing logs elsewhere (and sometimes there are good reasons for not using the system logging facilities). The same situation exists in Linux - there are 2 daemons which should be started when the system boots - syslogd and klogd. The latter records messages generated from the kernel while the former records messages from programs. Syslogd's behaviour is configurable - the config file is usually /etc/syslog.conf

(the links I've provided here are to documents which should already be available on your system - try typing, e.g. 'man syslog' at the prompt).

By convention, the log files should be in a directory /var/log (/var/adm/log on some systems). Usually, there is a program like logrotate which periodically renames old files and deletes very old files (it may also compress files) from the log directory.

So to see what's been happening with users logging on to the system I would do something like:

[symcbean@linux]$ su
password:
[root@linux]# cd /var/log
[root@linux]# ls

(I'll omit the big list of files generated at this point)

[root@linux]# less secure

The less program pages text files to the screen (and adds facilities for searching and other functionality) and usually comes as standard. Another useful program is tail, which lets you see new entries as they are added to the file. There are enhanced versions such as multitail which let you look at multiple files and will add contextual colour to the output.

HTH

C.

symcbean
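An added example, not part of symcbean's answer: a shell sketch that goes one step past paging through `secure` by counting sshd login results per user and source address, including copies that logrotate has renamed or gzipped. The function names and the sample log lines are constructed for illustration; it assumes the usual OpenSSH "Accepted/Failed ... for USER from ADDR" message wording.

```shell
#!/bin/sh
# Added example, not from the answer. Sample log lines are constructed.

# Write constructed sample entries in the traditional syslog text format.
write_sample_log() {
    cat > "$1" <<'EOF'
May 31 08:41:02 linux sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
May 31 08:41:05 linux sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
May 31 08:41:09 linux sshd[2104]: Failed password for root from 203.0.113.5 port 40120 ssh2
May 31 08:52:30 linux sshd[2130]: Accepted password for symcbean from 192.0.2.10 port 51514 ssh2
May 31 08:53:01 linux su: pam_unix(su:session): session opened for user root by symcbean(uid=500)
EOF
}

# Print each file given, decompressing copies that logrotate has gzipped.
read_logs() {
    for f in "$@"; do
        case "$f" in
            *.gz) gzip -dc -- "$f" ;;
            *)    cat -- "$f" ;;
        esac
    done
}

# Output one line per "<count> <result> <user> <source>", busiest first.
summarize_logins() {
    read_logs "$@" | awk '
        / sshd\[[0-9]+\]: (Accepted|Failed) / {
            # Find the result word, then read user and source after it.
            for (i = 1; i <= NF; i++) if ($i == "Accepted" || $i == "Failed") break
            user = ""; src = ""
            for (j = i + 1; j < NF; j++) {
                if ($j == "for" && user == "")
                    user = ($(j+1) == "invalid" && $(j+2) == "user") ? $(j+3) : $(j+1)
                if ($j == "from") src = $(j+1)   # last "from" wins
            }
            n[$i " " user " " src]++
        }
        END { for (k in n) print n[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Stand-alone demo on the constructed sample.
demo_dir=$(mktemp -d)
write_sample_log "$demo_dir/secure"
summarize_logins "$demo_dir/secure"
rm -rf "$demo_dir"
```

On a live system the same function can be run as root over `/var/log/secure*`; Debian-family systems write these messages to `/var/log/auth.log` instead.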
5

In Ubuntu:

System -> Administration -> Log File Viewer

or: Alt + F2 and type:

gnome-system-log

As far as I remember in KDE based distributions you can use KSystemLog.

Casual Coder
0

Splunk will do what you are looking for, and much much more

Zypher