NDG Linux Essentials - Challenge Lab C: Log File Archiving

Aaron Venema

12 Nov 202306:41

Summary

TLDRThis tutorial walks through the process of archiving and extracting log files on a Linux system. It covers navigating to the `/var/log` directory, using glob patterns to identify `.log` files, and creating a compressed archive with the `tar` command. The archive is stored in the `archive` directory, and the script also demonstrates how to list its contents without extracting. Finally, the script explains how to extract the files to a `backup` directory. The clear step-by-step instructions make it easy to follow for anyone interested in managing log files.

Takeaways

😀 Change to the `/var/log` directory to view system log files using `cd /var/log`.
😀 Use `ls -a` to list all files in a directory, including hidden ones.
😀 To filter and identify log files, use globbing with `*.log` to match all files ending with `.log`.
😀 Archive selected log files into a `.tar` archive using `tar -cvf` and specify the output file path.
😀 Create necessary directories for storing archives and backups using `mkdir archive backup`.
😀 The `tar` command options `-c`, `-v`, and `-f` are used to create a verbose archive and specify the output file.
😀 List the contents of an existing `.tar` archive without extracting using `tar -tf`.
😀 To extract files from a `.tar` archive, use `tar -xvf` followed by the archive file path.
😀 Files can be extracted into a specific directory by navigating to that directory first using `cd backup`.
😀 Always verify the archive creation and file extraction by listing files with `ls` to ensure success.
😀 The process involves multiple steps: navigating directories, creating and verifying archives, and extracting files to a backup folder.

Q & A

What is the purpose of archiving log files in this script?
-The log files are archived to preserve information in response to suspicious activity on the system. Archiving ensures that the log data is safely stored and can be accessed later for investigation or backup purposes.
How does the user navigate to the log files directory?
-The user navigates to the log files directory by using the `cd` (change directory) command. First, they go to the root directory and then to `/var/log` using the command `cd /var/log`.
What command is used to list all files, including hidden files, in the directory?
-The user uses the `ls -a` command to list all files, including hidden ones (those starting with a dot). This command shows both visible and hidden files in the current directory.
What is the purpose of the glob pattern `*log` in this script?
-The `*log` glob pattern is used to match all files that end with the `.log` extension. The pattern helps identify and select the log files to be archived from the directory.
How does the user create the archive file of the log files?
-The user creates the archive using the `tar` command with the options `-cvf`. The `-c` option tells `tar` to create an archive, `-v` enables verbose output, and `-f` specifies the name of the archive file, `log.tar`.
What directories are created in the home directory for the backup process?
-The user creates two directories in the home directory: `archive` (to store the archive file) and `backup` (to store the extracted files). This is done using the `mkdir` command.
What command does the user run to verify the contents of the `log.tar` archive?
-To verify the contents of the `log.tar` archive, the user runs the command `tar -tf log.tar`. The `-t` option lists the contents of the archive without extracting them.
How does the user extract the files from the archive to the backup directory?
-The user extracts the files using the `tar -xvf` command. The `-x` option extracts the files, `-v` shows verbose output, and `-f` specifies the path to the archive file. The extracted files are placed in the current directory, which is `backup` after navigating to it.
What would happen if the user didn't change to the `backup` directory before extracting the files?
-If the user didn't change to the `backup` directory, the files would be extracted into the directory they were in when running the extraction command, which could result in the files being extracted to an unintended location.
What does the command `pwd` do in this script?
-The `pwd` (print working directory) command is used to display the current directory the user is in. This helps verify their location before extracting files to the `backup` directory.