chapter 11

What option would you use to view just the critical log events in the systemd-journald log file?

-p crit

What folder is the rsyslog configuration file located?

/etc

Where is the default location that the systemd-journald service stores its non-persistent logs?

/run/log

What folder are the default log files (persistent) stored on a RHEL system?

/var/log

Match the syslog priority to the severity code. 1.emerg 2.alert 3.crit 4.err 5.warning 6.notice 7.info 8.debug

0 1 2 3 4 5 6 7

Match the log file with the type of message stored 1.messages 2.secure 3.maillog 4.cron 5.boot.log

1.Most syslog messages are logged here. 2.Syslog messages related to security and authentication events. 3.Syslog messages related to the mail server 4.Syslog messages related to scheduled job execution 5.Non-syslog console messages related to system startup

Match the syslog priority codes to the severity. 1.emerg 2.alert 3.crit 4.err 5.warning 6.notice 7.info 8.debug

1.System is unusable 2.Action must be taken immediately 3.Critical condition 4.Non-critical error condition 5.Warning condition 6.Normal but significant event 7.Informational event 8.Debugging-level message

Match the common fields of the system journal to its relevant process. 1._COMM 2._EXE 3._PID 4._UID 5._SYSTEM_UNIT

1.The name of the command 2.The path to the executable for the process 3.The process ID of the process 4.The user ID of the user running the process 5.The systemd unit that started the process

What file is created when you configure the journal logs to be persistent across reboots?

journal

What command would you use to view the logs generated by the systemd-journald service?

journalctl

Which one of the following commands retrieves the entries in the journal logs for the current system boot?

journalctl -b

What command (only) would you use to send a log message to a specific log file for testing?

logger

What command do you use to keep log files from taking up too much space in the file system in the /var/log directory?

logrotate

What are the three parameters you can use when updating the Storage parameter in the journald.conf file?

persistant volatile auto

What are the two standard logging systems based on the syslog protocol that is built into RHEL?

rsyslog systemd-journald

If you wanted to monitor a log in real time rather than just see what is in it, which one of the commands below would accomplish this task?

tail -f </path/logfile>

What command would you use to see an overview of the current time-related system settings of a RHEL system?

timedatectl

What complete command would you use to the the time zone of a system to America/Chicago?

timedatectl set-timezone America/Chicago

If you wanted to get verbose information from the systemd-journald log files, what option would you use?

-o verbose

What option would you use with with the journalctl command to list journal entries from a specific day? (Option only)

--since

You can't view the systemd-journald log files in real-time like you can the rsyslog log files.

False

What protocol is used to synchronize system clocks on servers to Internet time servers? (Acronym only)

NTP

Systemd-journald logs are non-persistent while rsyslog logs are persistent across reboots.

True

Of the three parameters you can use when updating the Storage parameter in the journald.conf file, which one is the default?

auto