Viewing Service Logs in Linux

Hands-On Lab

 

Photo of Michael Christian

Michael Christian

Course Development Director in Content

Length

00:45:00

Difficulty

Beginner

Working with system logs is one of the most common tasks a Linux service administrator performs. Knowing where to find these logs and how to parse them into just the information you need saves time and effort in troubleshooting and resolution. In this hands-on lab, we will practice pulling data from the logs of a web server.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Viewing Service Logs

Introduction

Working with system logs is one of the most common tasks a Linux service administrator performs. Knowing where to find these logs and how to parse them into just the information you need saves time and effort in troubleshooting and resolution. In this hands-on lab, we will practice pulling data from the logs of a web server.

Connecting to the Lab

  1. Open your terminal application, and run the following command (remember to replace PUBLIC_IP with the public IP you were provided on the lab instructions page):
    ssh cloud_user@PUBLIC_IP
  2. Enter yes at the prompt.
  3. Enter your cloud_user password at the prompt.

Attempt to curl the Address on the Local Host

  1. List the current working directory.
    pwd
  2. Run curl on the local host.
    curl -I localhost

Determine How Many Times 10.0.1.10 Has Accessed the Website

  1. Run the following command:
    sudo cat /var/log/httpd/access_log
  2. Enter your cloud_user password at the prompt.
  3. Determine how many lines start with the IP address 10.0.1.10.
    sudo cat /var/log/httpd/access_log | grep -E "^10.0.1.10" | wc -l

Attempt to Reach the Web Server via http://PUBLIC_IP/index.html

  1. Open a new terminal window for your local machine.
  2. Attempt to connect to the web server.
    curl http://PUBLIC_IP/index.html

Find the New Entry in the Log

  1. Switch to your cloud_user terminal window.
  2. Locate the new entry that was appended to the end of the log.
    sudo tail -f /var/log/httpd/access_log
  3. Switch to your local machine terminal window, and run the curl http://PUBLIC_IP/index.html command again.
  4. Switch back to your cloud_user terminal window.
  5. You should see a second new log entry.

Attempt to Reach the Web Server via http://PUBLIC_IP/server.html

  1. Switch to your local machine terminal window.
  2. Run the following command:
    curl http://PUBLIC_IP/server.html
  3. Switch to your cloud_user terminal window.
  4. Locate the 404 status code in the logs, indicating the path did not resolve to a valid page.

Conclusion

Congratulations, you've successfully completed this hands-on lab!