A quick guide to logfiles The important ones: Web logs (apache): /etc/httpd/logs look out for odd characters/overlong filenames Service logs: /var/log/boot.log keep an eye out for failures to start/stop services Cron logs: /var/log/cron make sure expected jobs are running dmesg: /var/log/dmesg check for hardware errors Firewall log: /var/log/firewall.log check to see what attacks have been attempted Mail log: /var/log/maillog check all mail is delivered Messages: /var/log/messages check everything in here daily Secure: /var/log/secure look out for unusual attempts to gain root The less important ones: /var/log/gdm : gdm is the graphical login manager. /var/log/httpd : the same as /etc/httpd/logs/ /var/log/iptraf : it’s empty unless you run iptraf. /var/log/kdm.log : another graphical login manager. /var/log/ksyms.* : kernel symbols logs (incomprehensible). /var/log/lastlog : Use the last command instead. /var/log/mysqld.log : Of course if you start using MySQL you might look! /var/log/pgsql : PostgreSQL logs as above. /var/log/rcd/* : RedCarpet logs only look if you have issues. /var/log/rpmpkgs : Same as running rpm qa /var/log/sa : output from sar command on cron job /var/log/scrollkeeper.log : GNOME messages, might be good to look at if you have a GNOME problem! /var/log/spooler : UUCP spools (noone uses this anymore!) /var/log/up2date : RedHat update mechanism (unused). /var/log/wtmp : not human readable /var/log/Xfree86.0.log : If you have X errors this is the place to look. Resources: dmesg output demystified: http://www.linuxgazette.com/issue59/nazario.html

这是个简单的索引，至于怎么读，能在日志中看出什么了，靠自己！