Linux can be configured to log the various events occurring in files residing in /var/log. It is also possible to log to the console as well as to log to a remote log server.
Logging is done by the syslog demon which defines the following seven priorities: debug (less critical), info, notice, warning, err, crit, alert and emerg (the most critical). syslog is configured using the syslog.conf file.
The work to be done is to enable remote logging and make other computers log to it.
One important consequence of (heavy) logging is the need for log rotation. This makes sure that the log files remain at a manageable size and also takes care of archiving old log files. Log rotation can also be used to delete old log files which are not relevant anymore.
What is the relationship between cron and log rotation? How is log rotation configured?
Of course, the whole purpose of logging is to monitor the log files on a regular basis in order to detect unexpected events. Look at the various log files in /var/log and think about the different unexpected events that might appear in them and how those events might be detected.
At what frequency should log files be monitored? How?
A Linux system administrator should be able to:
- Plan a backup strategy
- Dump a raw device to a file or restore a raw device from a file (using dd for example)
- Perform partial and manual backups and restore the files(using tar for example)
- Synchronise two directories (using rsync for example)
There are various tools that are available for doing backups. Some are dated (e.g. dump/restore) and are being deprecated. It is important that the proper tools be used when needed.
Finally, it is important that the time and date be properly set (as essential services like cron and anacron depend on time being correct).
The work to be done is to ensure that the Linux server gets its time and date from a NTP (Network Time Protocol) server found on the Internet (i.e. become an NTP client). Setting up an NTP server is not required.