Logging
Log files in Linux
It is important to understand how Linux handles logging. With understanding the basics of log files in Linux it can help you troubleshoot and determine what has taken place within your system. One of the great things about Linux is that is has a special directory for storing logs: /var/log. This directory contains logs from the OS, services and applications that are running on the system. I encourage you to go explore this directory and view various log files to see what information you can learn while viewing them.
Important Log files
/var/log/syslog
Stores all system data, including startup message.
/var/log/auth.log
Stores all security related events like logins, root user actions and output from PAM (Pluggable Authentication Modules).
/var/log/kern.log
Stores all kernel events, errors or warnings. This is helpful with troubleshooting kernel issues.
/var/log/cron
Stores information about scheduled tasks.
How does Linux handling Logging?
Linux uses a utility called syslogd and it has been around for many decades. Syslog provides a protocol that can transfer event messages between computers and even applications! You can read about Syslog in RFC 5424. This course is not going to focus on setting up and maintain syslog, but you should understand what syslog does and where logs are stored.
logger
At times you might wish to generate a log message and the logger command provides us the ability to add a message to /var/log/syslog. I suggest you test out the logger command and see how it adds data to the /var/log/syslog file. This command can be helpful when we start to cover shell scripts in a later module.
https://linux.die.net/man/1/logger
https://www.networkworld.com/article/3274570/using-logger-on-linux.html