6.2.1.14. logs

6.2.1.14.1. Introduction

The logs command of the show subgroup enables displaying the various log files of the GCap:

Introduction

To display...

file name...

detection engine events

detection-engine-logs

kernel events

var-log-kernel

the aggregation of different logs

var-log-messages

GCap authentication information

var-log-auth

the launch information of scheduled tasks

var-log-cron

information about the activity of the various applications used

var-log-cron

information on the activity of the GCap users

var-log-user

debugging events

var-log-debug

A detailed explanation is given in the Log files section.

6.2.1.14.2. Prerequisites

  • Users: setup, gviewadm, gview

  • Dependencies: N/A

6.2.1.14.3. Command

show logs {detection-engine-logs|var-log-kernel|var-log-messages|var-log-auth|var-log-cron|var-log-daemon|var-log-user|var-log-debug}

6.2.1.14.4. Example of displaying the events of the detection engine

For this command, the detection engine must be started.

  • Enter the following command.

(gcap-cli) show logs detection-engine-logs

  • Validate.

The system displays the detection engine events.

A detailed explanation is given in the Files of the logs-detection-engine-logs section.

6.2.1.14.6. Example of displaying the aggregation of different logs

  • Enter the following command.

(gcap-cli) show logs var-log-messages

  • Validate.

The system displays the connection information.
A detailed explanation is given in the Files of the logs-var-log-messages section.

6.2.1.14.7. Example of displaying the GCap authentication information

  • Enter the following command.

(gcap-cli) show logs var-log-auth

  • Validate.

The system displays the connection information.
A detailed explanation is given in the Files of the logs-var-log-auth section.

6.2.1.14.8. Example of displaying the start information of scheduled tasks

  • Enter the following command.

(gcap-cli) show logs var-log-cron

  • Validate.

The system displays the scheduled task start information.

A detailed explanation is given in the Files of the logs-var-log-cron section.

6.2.1.14.9. Example of displaying information about the activity of different applications used

  • Enter the following command.

(gcap-cli) show logs var-log-daemon

  • Validate.

The system displays information about the activity of the various applications used.

A detailed explanation is given in the Files of the logs-var-log-daemon section.

6.2.1.14.10. Example of displaying GCap user activity information

  • Enter the following command.

(gcap-cli) show logs var-log-user

  • Validate.

The system displays the information on the activity of the GCap users.

A detailed explanation is given in the Files of the logs-var-log-user section.

6.2.1.14.11. Example of displaying the debug logs

  • Enter the following command.

(gcap-cli) show logs var-log-debug

  • Validate.

The system displays the information on the activity of the GCap users.
A detailed explanation is given in the Files of the logs-var-log-debug section.