Logs and Auditing
¨Syslog daemon
Syslogd
¨/etc/syslog.conf
¨/var/log
/var/log/messages
/var/log/http
¨Accounting files
Utmp
Records who is currently logged into a system
used by who command
Wtmp
records all logins and logouts
used by last command
lastlog
Records time and location of each users last login to
system