CHAPTER-10:ANALYZING AND STORING LOGS

 

CHAPTER 10

ANALYZING AND STORING LOGS

Questions:

1. The ------------- directory is where these logs are persistently stored.

        a. /var /log

        b. /var /logd

        c. /etc/log

        d. /etc/logd

2. In Red Hat Enterprise Linux 7, sys log messages are handled by two services,

        a. systemd-journald

        b. syslog

        c. rsyslog

        d. syslogd

3. The ------------------- daemon provides an improved log management service that collects messages from the kernel, the early stages of the boot process, standard output and error of daemons as they start up and run, and syslog

        a. systemd-journald

        b. syslog

        c. rsyslog

        d. syslogd

4. The ------------------- service then sorts the sys log messages by type (or facility) and priority, and writes them to persistent files in the /var /log directory.

        a. systemd-journald

        b. syslog

        c. rsyslog

        d. syslogd

5. Each log message is categorized by a -------------  and a ---------------------------

        a. facility (the type of message)

        b. priority (the severity of the message)

        c. importunacy

        d. error checking

6. The facilities which  are available are documented by the rsyslog.conf(?) man page

                a. 2 b.   3                      c.  1 d.     5

7. The rsyslogd service uses the facility and priority of log messages to determine how to handle them

                a. True b.   False

8. Which file contains directives that define where log messages are saved

        a. /etc/syslog.conf

        b. /etc/rsyslog.conf

        c. /etc/syslog/rsyslog.conf

        d. /etc/rsyslogd.conf

9. Log files are maintained by the ---------------------- service

        a. system-journald

        b. syslog

        c. rsyslog

        d. syslogd

10. Logs are " rotated" by the ------------------- utility to keep them from filling up the fi le system containing /var /log/

        a. log

        b. logrotate

        c. logs

        d. rotatelog

11. To monitor for failed login attempts on one terminal, which command will be used?

        a. tail     /var/log/syslog

        b. tail    -f     /etc/log/messages

        c. tail    -f     /etc/log/secure

        d. tail     -f     /var/log/secure

12. Which command can send messages to the rsyslog service?

        a. logp

        b. loggerp

        c. logger

        d. logedp

13. In Red Hat Enterprise Linux 7, the systemd journal is stored in /run/log by default

            a. True             b.    False

14. The -------------  command shows the full system journal, starting with the oldest log entry, when run as root user

        a. journal

        b. syslog

        c. journalctl

15. By default    ‘journalctl    –n’ shows the last ------------ log entries

                a.8     b. 10 c. 15           d. 5

16. “journalctl   -b” can reduce the output by only showing the log messages since the last boot of the system.

                a.True b. False

17. The ---------------- command shows an overview of the current time-related system settings

        a. timedatectl

        b. timedatectr

        c. timedate

        d. show-timedatectl

18. A data base with known time zones is available and can be listed with:

        a. timedatectl   -show-timezone

        b. timedatectl       list-timezones

        c. timedatectl       --list-timezones

19. Which  option enables or disables NTP synchronization for automatic time adjustment

        a. set-ntp

        b. get-ntp

        c. ntp-set

        d. ntp-get

20. To enable NTP synchronization, which command will be used?

        a. timedatectl      ntp-set     true

        b. timedatectl      ntp-set     false

        c. timedatectl      set-ntp     true

        d. timedatectl      ntp-get     true

21. The quality of an NTP time source is determined by the  -----  

        a. stratum  value

        b. set value

        c. get value

        d. all 

22. There are two categories of time sources that can be configured in the /etc/chrony.conf configuration file

            a.True b. False

23. The system log files are maintained by rsyslog.

            a.True b. False

24. Which is not true?

        a. Code 0 = emergency

        b. Code 5 = notice

        c. Code 3 = error

        d. Code 2 = critical

        e.     Code 6 = debug

25. The log file related to periodically executed tasks.

        a. /var/log 

        b. /var/log/boot.log

        c. /var/log/cron 

        d. /var/log/maillog

        e. /var/log/messages

        f. /var/log/secure

26. The log file for security and authentication related messages and errors.

        a. /var/log 

        b. /var/log/boot.log

        c. /var/log/cron 

        d. /var/log/maillog

        e. /var/log/messages

        f. /var/log/secure

27. Messages related to system startup logged here.

        a. /var/log 

        b. /var/log/boot.log

        c. /var/log/cron 

        d. /var/log/maillog

        e. /var/log/messages

        f. /var/log/secure

28. The directory to which rsyslog is writing -------------------- all the log files.

        a. /var/log 

        b. /var/log/boot.log

        c. /var/log/cron 

        d. /var/log/maillog

        e. /var/log/messages

        f. /var/log/secure