You can look at a log in "real-time" with the tail command. Example:
Code:
tail -f /var/log/syslog
You can also use the ubiquitous text tools such as grep, awk, etc. to find specific lines you are interested in. That said, there's only so much you as a human can do by looking at log files. You will typically be much more productive by having the computer look at them for you, and having it report to you on its findings. It can also take certain actions when it finds certain things in the logs. There are many tools that do this; here are two examples: Logwatch and Swatch. If you want more specific help regarding intrusion attempt detection by looking at log files, you'll need to specify which program's logs you are referring to.
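An added example, not part of the original post, of having the computer read the log and report its findings with awk: it counts failed password logins per source address. It assumes OpenSSH sshd "Failed password" lines, since the post names no specific program; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample lines in the syslog format written by OpenSSH's sshd
# (assumption: the post does not say which program's logs are of interest).
sample_log() {
cat <<'EOF'
Jan 10 03:14:01 host1 sshd[2211]: Failed password for root from 203.0.113.7 port 50122 ssh2
Jan 10 03:14:03 host1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
Jan 10 03:14:06 host1 sshd[2213]: Failed password for root from 203.0.113.7 port 50130 ssh2
Jan 10 03:15:40 host1 sshd[2290]: Accepted publickey for alice from 198.51.100.20 port 41000 ssh2
Jan 10 03:16:02 host1 sshd[2301]: Failed password for bob from 198.51.100.44 port 39211 ssh2
Jan 10 03:17:00 host1 CRON[2400]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}

# report_failed_logins THRESHOLD
# Reads syslog lines on stdin and prints "<count> <source-ip>", highest count
# first, for every address with at least THRESHOLD failed password attempts.
report_failed_logins() {
    awk -v min="$1" '
        / sshd\[[0-9]+\]: Failed password for / {
            # The user name may be "invalid user X" or even the word "from",
            # so scan from the end of the line for the last "from" keyword.
            for (i = NF; i > 1; i--)
                if ($(i - 1) == "from") { hits[$i]++; break }
        }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' | sort -rn
}

# Demonstration on the constructed sample: list every address with a failure.
sample_log | report_failed_logins 1
```

To run it on a real file, use `report_failed_logins 5 < /var/log/syslog`; which file sshd actually writes to depends on the system's syslog configuration.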