In Ubuntu Linux, logs are typically stored in the “/var/log/” directory. These logs can provide insights into system events, errors, and other important information. Here are some of the key log files and their uses:

auth.log

/var/log/auth.log: This log contains authentication-related events, such as login attempts and sudo commands.

To view: sudo less /var/log/auth.log

dmesg.log

/var/log/dmesg: This log stores kernel messages, which include hardware information and system boot details.

To view: sudo less /var/log/dmesg

faillog

/var/log/faillog: faillog is a system utility that tracks failed login attempts.

To view: sudo less /var/log/faillog

kern.log

/var/log/kern.log: This file contains kernel messages and can help diagnose low-level system problems.

To view: sudo less /var/log/kern.log

php8.x-fpm.log

/var/log/php8.x-fpm.log: This log file contains log messages generated by PHP-FPM related to the operation of PHP scripts running through it.

To view: sudo less /var/log/php8.x-fpm.log

syslog.log

/var/log/syslog: This is the general system log. It contains messages related to system activity and applications, and it’s a good place to start for troubleshooting.

To view: sudo less /var/log/syslog

ufw.log

/var/log/ufw.log: This log file is where UFW (Uncomplicated Firewall) records information about the firewall’s activity.

To view: sudo less /var/log/ufw.log

Conclusion

These 7 Ubuntu Linux logs can be used for system monitoring, troubleshooting, security, auditing, and debugging.