How can Linux save system logs locally?

2 years ago
Ava Mitchell
1 minute

To save system logs locally, you can follow these steps:

  1. Open the terminal.
  2. Check the location of the system log files using the following command:
  3. Open the rsyslog.conf file using the nano text editor with superuser privileges.
  4. Locate the following lines in the document:
  5. # Access to the authpriv file is limited.
    authpriv.* /var/log/auth.log
  6. Remove the comments (#) from the authpriv.* lines and change the path to where you want to save the log files. For example, you can modify the path to /home/your_username/auth.log.
  7. Save the file and exit the editor.
  8. Restart the rsyslog service to apply the changes. Use the following command:
  9. Restart the rsyslog service using sudo.
  10. From now on, the authentication-related logs of the system will be saved to the location you specify.

Please note that the above steps are only applicable to Linux distributions based on rsyslog, such as Ubuntu, Debian, etc. Other distributions may use different logging systems, so the steps may vary.

bannerAds