not sure how to put this, I have been reading on this forum people saying that they check their log file with var/log/messages for any illegal log attack, is that right?

When i tried:

vi var/log/messages i got hundereds of lines.... not sure if this right place!!!


please correct me if am wrong.

Thanks.

hi,
it is the correct place, but why do you use the vi command to check this file ?
use cat or tail -f (the latter will give you the last part of the file, cool hey ? )

Thanks samae126, i thought the vi is similar to cat(view a file),However;

I have run this command:

root@Admin:/home/moderator# tail -f /var/log/mess*

and the output was:

Apr 23 10:31:00 Admin kernel: smb_request: result -104, setting invalid
Apr 23 10:31:00 Admin kernel: smb_retry: successful, new pid=2676, generation=2
Apr 23 10:31:00 Admin kernel: smb_request: result -104, setting invalid
Apr 23 10:31:00 Admin kernel: smb_retry: successful, new pid=2680, generation=2
Apr 23 10:54:15 Admin -- MARK --
Apr 23 11:14:15 Admin -- MARK --
Apr 23 11:34:15 Admin -- MARK --
Apr 23 11:54:15 Admin -- MARK --
Apr 23 12:14:15 Admin -- MARK --
Apr 23 12:34:15 Admin -- MARK --

I dont understand anything, if someone could expalin these few lines I'll be glad.

Thanks.

vi is a text editor, it edits files. cat, tail, head... they all work fine for viewing files. You'll probably want to narrow your search down though, so you might want to use grep instead of cat, tail, head, etc..
grep "Failed" /var/log/messages | less or what ever error you're looking for.