System Logging

Explore Linux system logging to understand how audit trails are created and maintained. Learn to use rsyslog and journalctl for managing logs that assist in identifying security incidents and troubleshooting. This lesson provides vital knowledge for pentesters and administrators to track system activity and secure Linux environments.

Introduction to logging systems

Log files provide an audit trail of the system’s operations. They hold essential information in the event of a security breach or when troubleshooting a system problem. When an issue arises in the operating system, analyzing the log files is the first thing a pentester or a system administrator needs to do. Therefore, when securing a Linux machine, we need a proper understanding of how the logging function is managed, so that we can determine whether a system has a vulnerability or has been attacked, and then determine what happened and who was responsible.

The rsyslog logging daemon

The log files are plain text files in the /var/log ...