Reading System Log Files

This video illustrates how to access log files on different operating systems and which third-party tools can be used to increase readability.
Now again, log files could be huge and they also could be pretty complex to look at. You’re looking at a regular text file, so it can be a little hard to take a look at. So to make life easier, what can we do about this? Well, we could actually go through and we could use a third-party tool for something like this, things like Graylog, SolarWinds, Splunk, Logstash - these are all examples of services we could use to take a look at our log files. And some of these are paid and some of these are going to be free services that we could use. Now, using these types of services is going to make easier insight into your network.
Again, we’re not looking at a hundred pages, thousands of pages of a text document. Now we have a graphic user interface. I could just click on something. I could open a search query, look for something specific. I could have it pull up, well, show me anomalies. Show me this or that. It’s a lot quicker and it’s also a lot easier to look at. So if we take a look at the screenshot here, we could see, well, here’s a pie graph. It found 101,345 messages in this field. And then these are my top values. I could add certain things to the dashboard. I can reload this information. So again, it’s very quick insight. It’s very easy to read.
I could just look at this in a glance and see if something’s going kind of crazy. And again, it’s going to be a lot faster search queries and we could set up alerts typically for whatever that we want to be alerted on - anomalies, suspicious logins, logins at unusual hours, things like that.
So in wrapping up, the last phase of hacking is going to be clearing tracks. So this is why it’s important to monitor those log files. Our log files contain a wealth of information and they should be utilised. Log files can also chew up quite a bit of space over time, so we need to keep that in mind. So whether we go through those logs and delete them at some point or if we archive those logs for a certain amount of time, we need to figure that out. We could also use third-party tools to help us gain greater insight into our logs and our network. And again, there are a number of free tools and also paid versions.
And typically, the paid versions are going to offer you a lot more features - more alerts and ways to contact you. However, depending on what your use case is, some of those free tools may work for you just as well. And for Windows and Linux users, you don’t necessarily need a third-party option to view those logs. You can always go through and manually look through those log files if you want to. That’s always an option. It’s going to essentially be the same information. It’s just going to be a little bit harder to go through there. So this was about log files. In the next video, we’re going to be talking about monitoring software. Thank you for watching.
I’ll see you in the next video.

How can you access log files on different operating systems and which third-party tools can be used to increase the readability of these files?

In the last video, you learned about system log files; in this video, you will move on to learning how to access these files. These files can be challenging to read, so there are several third-party tools available to make these files more readable. Once you know how to use these tools, you should be able to check your own system log files.
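As an added example (not part of the course material), the Python sketch below does by hand what the alerting features described in the video automate: it reads sshd-style authentication log lines and reports successful logins at unusual hours and sources with repeated failed logins. The log lines are constructed samples, and the function names, the 08:00-18:00 working window and the failure threshold of 3 are assumptions chosen for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the classic syslog/sshd format (not real data).
SAMPLE_LOG = """\
Mar 12 09:14:02 web01 sshd[1201]: Accepted password for alice from 192.0.2.10 port 50122 ssh2
Mar 12 02:47:31 web01 sshd[1388]: Accepted publickey for bob from 198.51.100.7 port 41810 ssh2
Mar 12 02:48:05 web01 sshd[1390]: Failed password for root from 203.0.113.5 port 33012 ssh2
Mar 12 02:48:09 web01 sshd[1390]: Failed password for root from 203.0.113.5 port 33012 ssh2
Mar 12 02:48:13 web01 sshd[1390]: Failed password for invalid user admin from 203.0.113.5 port 33020 ssh2
Mar 12 17:30:44 web01 sshd[2210]: Accepted password for carol from 192.0.2.44 port 50990 ssh2
"""

# Timestamp, host, sshd[pid], then "Accepted|Failed <method> for [invalid user ]<user> from <ip>".
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s(?P<hour>\d{2}):\d{2}:\d{2})\s\S+\ssshd\[\d+\]:\s"
    r"(?P<result>Accepted|Failed)\s\S+\sfor\s(?:invalid user\s)?"
    r"(?P<user>\S+)\sfrom\s(?P<ip>\S+)"
)

def parse(log_text):
    """Yield one dict per recognised sshd login line; other lines are skipped."""
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if match:
            yield match.groupdict()

def off_hours_logins(log_text, start_hour=8, end_hour=18):
    """Successful logins whose hour falls outside [start_hour, end_hour)."""
    return [
        (e["ts"], e["user"], e["ip"])
        for e in parse(log_text)
        if e["result"] == "Accepted"
        and not start_hour <= int(e["hour"]) < end_hour
    ]

def failed_by_source(log_text, threshold=3):
    """Source addresses with at least `threshold` failed login attempts."""
    counts = Counter(e["ip"] for e in parse(log_text) if e["result"] == "Failed")
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    for ts, user, ip in off_hours_logins(SAMPLE_LOG):
        print(f"off-hours login: {ts} user={user} from={ip}")
    for ip, n in failed_by_source(SAMPLE_LOG).items():
        print(f"repeated failures: {n} attempts from {ip}")
```

On a Linux system the same functions can be pointed at the contents of the authentication log instead of `SAMPLE_LOG`; the exact file location and line format vary by distribution, so the regular expression may need adjusting.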

Over to you: Find the log files on your computer and see how well you understand them. You can check them as they are, or you can try using a third-party tool. What is your preferred approach? Share your comments in the section below.

This article is from the free online Advanced Cyber Security Training: Network Security

Created by FutureLearn - Learning For Life