
System logs (/var/log) in Linux CLI - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is the purpose of the /var/log directory in Linux?
The /var/log directory stores system log files. These logs record events, errors, and messages from the system and applications to help monitor and troubleshoot.
beginner
Which command shows the last 10 lines of a log file?
The tail command shows the last 10 lines by default. For example, tail /var/log/syslog shows the last 10 lines of the syslog file.
beginner
How can you continuously watch new entries added to a log file?
Use tail -f /var/log/filename. This command shows new lines as they are added, like watching a live feed.
intermediate
What is the difference between /var/log/syslog and /var/log/auth.log?
/var/log/syslog records general system messages and events. /var/log/auth.log records authentication-related events like logins and sudo usage.
beginner
Why is it important to check system logs regularly?
Checking logs helps find problems early, understand system behavior, and improve security by spotting unauthorized access or errors.
Which command shows the last 20 lines of /var/log/syslog?
A. tail -n 20 /var/log/syslog
B. head -n 20 /var/log/syslog
C. cat /var/log/syslog | less
D. grep 20 /var/log/syslog
What does the command tail -f /var/log/auth.log do?
A. Shows the last lines and updates live as new lines are added
B. Deletes the auth.log file
C. Shows the first lines of auth.log
D. Searches for the word 'auth' in the log
Which log file would you check to find failed login attempts?
A. /var/log/syslog
B. /var/log/kern.log
C. /var/log/dmesg
D. /var/log/auth.log
What is the main reason to use system logs?
A. To store user files
B. To monitor system events and troubleshoot problems
C. To install software
D. To speed up the system
Which command would you use to search for the word 'error' in /var/log/syslog?
A. cat error /var/log/syslog
B. tail error /var/log/syslog
C. grep error /var/log/syslog
D. head error /var/log/syslog
Explain how you would monitor a system log file in real time to catch new events as they happen.
Think about a command that shows the end of a file and keeps updating.
Describe the difference between /var/log/syslog and /var/log/auth.log and when you would check each.
One is for overall system events, the other for security-related events.