linux,

Where to find Stored Syslog Messages

Mar 04, 2022 · 1 min read · Post a comment
Where to find Stored Syslog Messages

When it comes to Syslog messages in Linux it’s important to know that they are handled by two services:

  • systemd-journald daemon - gathers all the messages from the kernel including boot processes, error of daemons, standard outputs, and also forward some messages to rsyslog service.
  • rsyslog service - sorting the messages by priority and type and providing logs in the /var/log directories. Here I’m gonna list all types of syslog messages and where you can find them.

Prerequisites

  • Linux

Subdirectories stored by the Syslog Messages

There are different subdirectories stored by the syslog messages depending on what kind of messages and information you need:

  • /var/log/messages - contains all kind of syslog messages except the below ones
  • /var/log/secure - only security and auth related messages and errors
  • /var/log/maillog - this subdirectory is aimed to provide mail server based messages and errors
  • /var/log/cron - stores logs messages and errors for scheduled cron jobs which are periodically executed
  • /var/log/boot.log - all kinds of logs related to the system startup

Conclusion

If you have any specific concerns or questions for all these different kinds of syslog messages don’t hesitate to put a comment below. On a side note, follow our official channel on Telegram.