Week 6 - Virtualization, Logging Flashcards
What is virtualization?
Virtualization creates a computer environment that can run a complete OS as if it were running on your physical hardware.
What is a virtual machine?
The simulated computer environment
Where are events logged by the operating system stored in Windows?
The Event Viewer
Describe 3 of the types of event logs you’d see in the Windows Event Viewer.
S, S, AS
- System logs
- Security logs
- Applications and Service logs
Where are logs stored on Linux?
/var/log
If you have an idea of where a problem might lie, it’s better to search for the more…? Linux
log
Better to search in the smaller, more specific file for the log of the suspected problem
What does the /var/log/syslog file log on Linux? Why should this be your first stop?
The syslog file contains everything minus “off” events, and it should be the first stop because it’s the most detailed log file
What does the /var/log/auth.log file log? Linux
police
Security related events
What does the /var/log/kern.log file log? Linux
Kernel message logs
What does the /var/log/dmesg file log? Linux
System start-up message logs
What is log rotating? Linux
old/new
Log rotating deletes older logs and replaces them with newer ones
What is centralized logging? Linux
one
Centralized logging allows a user to access logs from multiple systems in one centralized location
What is Unix Epoch time?
then
It’s a timestamp meant to represent “then”, the seconds since January 1, 1970
It gives Unix based computers a sense of time