Log files - pyllyukko/harden.yml GitHub Wiki

Log files in Slackware Linux

Path	Program	Configuration	Rotation
`/var/log/modsec_audit.log`	ModSecurity	SecAuditLog
`/var/log/pacct`	Process accunting
`/var/log/boot`	bootlogd
`/var/log/sbopkg/sbopkg-build-log`	sbopkg
`/var/log/httpd/*`	httpd		`/etc/logrotate.d/httpd`
`/var/log/sulog`	su	`login.defs`:`SULOG_FILE`
`/var/log/clamav/clamd.log`	ClamAV	clamd.conf:`LogFile`	clamav.logrotate
`/var/log/clamav/freshclam.log`	ClamAV	rc.clamav	clamav.logrotate
`/var/log/sudo.log`	sudo	sudoers:`logfile`
`/var/log/dmesg`	`/etc/rc.d/rc.M`
`/var/log/apcupsd.events`	apcupsd		apcupsd.logrotate
`/var/log/{messages,syslog,debug,secure,cron,maillog,spooler}`	sysklogd		`/etc/logrotate.d/syslog`
`/var/log/rkhunter.log`	rkhunter
`/var/log/rkhunter.log.old`	rkhunter
`/var/log/rkhunter.log.YYYY-MM-DD_HH:MM:SS`	rkhunter
`/var/log/Xorg.0.log`	X.Org
`/var/log/Xorg.0.log.old`	X.Org
`/var/log/[bw]tmp`	Shadow suite
`/var/run/utmp`	Shadow suite
`/var/log/{fail,last}log`	Shadow suite
`/var/log/lynis{-report.dat,.log}`	Lynis
`/var/log/tiger/*`	Tiger
`/var/log/pkgtools/`	pkgtools
`/var/log/audit/audit.log`	auditd	`auditd.conf`:`log_file`
`/var/log/cups/`	Cups
`/var/log/ConsoleKit/`	ConsoleKit
`/var/log/sa/*`	System accounting
`/var/log/{usr,sav}acct`	Process accounting
`/var/log/uucp/*`	uucp
	MIT Kerberos	`kdc.conf`:logging
`/var/log/docker.log`	Docker	rc.docker:`DOCKER_LOG`
`/var/log/mcelog`	mcelog		`/etc/logrotate.d/mcelog`
`/var/log/ntp`	ntp		/etc/logrotate.d/ntp

Default syslog facilities for various programs.

Facility	Software
local6	ClamAV
local4	OpenLDAP `slapd` (debugging statements and operation statistics)
local7	Nginx
local7	THOR Lite
user	Kismet
auth	MIT Kerberos KDC

/etc/krb5.conf:

#
# krb5.conf(5) - configuration file for Kerberos 5
# $FreeBSD$
#

[logging]
            default = SYSLOG:INFO:LOCAL7