Question:
Respond to your classmate.
. If you have software or something running on the operating system, those logs can be found in other locations. These logs are generally stored in plain text and things can be reviewed by cat'ing out the file, tailing it or looking at the head. Generally, when I have a really good idea of what I am looking for in the messages, I can search through a log file more easily with "cat /var/log/messages | less"; then I can do a search through the whole file or, if the event recently occurred, I can "gg" and do a reverse search "?". The "tail -f /var/log/messages" will allow you to follow the system logs in real time and see what is happening on that particular server. In these logs, you can see CRON jobs that have run, users accessing the system, kernels, daemons, mail, etc. Logging of sudo commands can be set up on the system as well. Some systems have utmp/utmp and btmp, and this is usually reviewed with a utmpdump in order to see things in a human-readable format. This will show who is logging onto the system, from where, and successful and failed attempts.
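As an added example (not part of the classmate's post), the kind of review described above can be scripted so that cron runs, logins, sudo commands and failed attempts are pulled out of a syslog-format file in one pass. The sample lines are constructed and assume typical cron, OpenSSH and sudo message formats; the function names `sample_log` and `summarize_log` are hypothetical.

```shell
#!/bin/sh
# Added example: one-pass summary of a syslog-format log file.

# Constructed sample lines (not taken from a real system).
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 web01 CRON[2211]: (root) CMD (/usr/local/bin/backup.sh)
Mar  3 10:16:42 web01 sshd[2290]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar  3 10:16:45 web01 sshd[2290]: Failed password for root from 203.0.113.7 port 51124 ssh2
Mar  3 10:17:03 web01 sshd[2301]: Accepted password for alice from 198.51.100.23 port 40022 ssh2
Mar  3 10:18:10 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Mar  3 10:20:01 web01 CRON[2350]: (root) CMD (/usr/local/bin/backup.sh)
Mar  3 10:21:30 web01 sshd[2377]: Failed password for bob from 198.51.100.99 port 40100 ssh2
EOF
}

# summarize_log [FILE...]  reads stdin when no file is given.
# Field 5 is the program tag (month, day, time, host come first).
summarize_log() {
  awk '
    $5 ~ /^CRON\[/ { cron++ }                      # cron jobs that ran
    $5 ~ /^sshd\[/ && /Failed password/ {          # failed logins per source IP
      for (i = 6; i < NF; i++)
        if ($i == "from") failed[$(i + 1)]++
    }
    $5 ~ /^sshd\[/ && /Accepted / {                # successful logins
      for (i = 6; i < NF; i++) {
        if ($i == "for")  user = $(i + 1)
        if ($i == "from") src  = $(i + 1)
      }
      print "login " user " from " src
    }
    $5 == "sudo:" && /COMMAND=/ {                  # sudo command logging
      cmd = $0
      sub(/.*COMMAND=/, "", cmd)
      print "sudo " $6 " ran " cmd
    }
    END {
      print "cron_jobs " (cron + 0)
      for (ip in failed) print "failed_logins " ip " " failed[ip]
    }
  ' "$@"
}

# Stand-alone run over the constructed sample.
sample_log | summarize_log
```

On a real host the same function can be pointed at a file, for example `summarize_log /var/log/messages`; which file receives sshd and sudo messages depends on the system's syslog configuration.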
Systems Analysis and Design
ISBN: 978-0136089162
8th Edition
Authors: Kenneth E. Kendall, Julie E. Kendall