Log files - pyllyukko/harden.yml GitHub Wiki
Log files in Slackware Linux
Path | Program | Configuration | Rotation |
---|---|---|---|
/var/log/modsec_audit.log |
ModSecurity | SecAuditLog | |
/var/log/pacct |
Process accunting | ||
/var/log/boot |
bootlogd | ||
/var/log/sbopkg/sbopkg-build-log |
sbopkg | ||
/var/log/httpd/* |
httpd | /etc/logrotate.d/httpd |
|
/var/log/sulog |
su | login.defs :SULOG_FILE |
|
/var/log/clamav/clamd.log |
ClamAV | clamd.conf:LogFile |
clamav.logrotate |
/var/log/clamav/freshclam.log |
ClamAV | rc.clamav | clamav.logrotate |
/var/log/sudo.log |
sudo | sudoers:logfile |
|
/var/log/dmesg |
/etc/rc.d/rc.M |
||
/var/log/apcupsd.events |
apcupsd | apcupsd.logrotate | |
/var/log/{messages,syslog,debug,secure,cron,maillog,spooler} |
sysklogd | /etc/logrotate.d/syslog |
|
/var/log/rkhunter.log |
rkhunter | ||
/var/log/rkhunter.log.old |
rkhunter | ||
/var/log/rkhunter.log.YYYY-MM-DD_HH:MM:SS |
rkhunter | ||
/var/log/Xorg.0.log |
X.Org | ||
/var/log/Xorg.0.log.old |
X.Org | ||
/var/log/[bw]tmp |
Shadow suite | ||
/var/run/utmp |
Shadow suite | ||
/var/log/{fail,last}log |
Shadow suite | ||
/var/log/lynis{-report.dat,.log} |
Lynis | ||
/var/log/tiger/* |
Tiger | ||
/var/log/pkgtools/ |
pkgtools | ||
/var/log/audit/audit.log |
auditd | auditd.conf :log_file |
|
/var/log/cups/ |
Cups | ||
/var/log/ConsoleKit/ |
ConsoleKit | ||
/var/log/sa/* |
System accounting | ||
/var/log/{usr,sav}acct |
Process accounting | ||
/var/log/uucp/* |
uucp | ||
MIT Kerberos | kdc.conf :logging |
||
/var/log/docker.log |
Docker | rc.docker:DOCKER_LOG |
|
/var/log/mcelog |
mcelog | /etc/logrotate.d/mcelog |
|
/var/log/ntp |
ntp | /etc/logrotate.d/ntp |
Facilities
Default syslog facilities for various programs.
Facility | Software |
---|---|
local6 | ClamAV |
local4 | OpenLDAP slapd (debugging statements and operation statistics) |
local7 | Nginx |
local7 | THOR Lite |
user | Kismet |
auth | MIT Kerberos KDC |
TrueNAS
/etc/krb5.conf
:
#
# krb5.conf(5) - configuration file for Kerberos 5
# $FreeBSD$
#
[logging]
default = SYSLOG:INFO:LOCAL7