Last Updated on October 23, 2022 by InfraExam

Ch10 System Logging Exam

  1. The ____________ and klogd are two main programs that provided logging facilities for Linux prior to rsyslogd.

    • mlogd
    • logger
    • syslogd
    • tlogd
  2. Prior to rsyslogd, the daemon program that provided logging services for the Linux kernel was:

    • SNMP
    • syslogd
    • slog
    • klogd
  3. The daemon that provides logging services for applications and programs is:

    • applog
    • SNMP
    • klogd
    • syslogd
  4. The syslogd facility gets the messages from klogd and decides the action based on configuration settings.

    True or False? 

    • True 
    • False
  5. Logs contain a wealth of data and may include all of the following, except:

    • Warnings
    • Configuration settings
    • Errors
    • Information messages
  6. System administrators can use logs for all of the following, except:

    • Installing new packages
    • Tuning the system for efficiency or security
    • Troubleshooting software
    • Troubleshooting hardware
  7. Message processing tasks, handled by rsyslogd, are configured using the _______ file.

    • /etc/syslog.conf
    • /etc/rsyslogd.conf
    • /etc/logger.conf
    • /etc/rsyslog.conf
  8. A recently installed program appears to be malfunctioning. In which directory should you look for logs related to the new program?

    • /var/log
    • /usr/log
    • /etc/log
    • /home
  9. Which of the following commands is not used to view log files on a Linux operating system?

    • less 
    • echo
    • tail
    • grep
  10. Which of the following files contains general and system related messages?

    • /var/log/boot.log
    • /var/log/maillog
    • /var/log/cron.log
    • /var/log/rsyslog
  11. Errors relating to scheduled cron jobs can be found at which of the following locations?

    • /var/log/auth.log 
    • /var/log/rsyslog 
    • /var/log/cron.log 
    • /var/log/crond.log
  12. Each line in the rsyslog.conf configuration file must specify: 

    • Action
    • Selector facility
    • All choices are valid 
    • Selector priority
  13. Identify the valid rsyslog.conf selector facilities:

    (choose three)

    • kern 
    • news 
    • cron 
    • batch
  14. Arrange the following items in increasing order of priority: alert, err, emerg, warning, crit

    • warning, err, alert, emerg, crit 
    • warning, alert, err, crit, emerg 
    • alert, warning, err, crit, emerg 
    • warning, err, crit, alert, emerg
  15. Which of the following selector settings in rsyslog.conf will select all kernel messages?

    • kernel.* 
    • kern.=err 
    • kern.* 
    • *.kern
  16. A line in the rsyslog.conf file contains * in the actions part. What does this mean?

    • A message is displayed to everyone who is logged in
    • There is no action specified 
    • A text message is written into the default log file
    • An asterisk *, in place of a text message, will be displayed
  17. By default, the rsyslogd daemon creates a ________ message in the file every 20 minutes.

    • TIME 
    • STAMP
    • NOTE 
    • MARK
  18. In a centralized rsyslog logging setup, remote hosts must be configured to send messages. Which of the following would be the correct setting to send all messages for the warning services to the machine with the hostname rsyslogserver?

    • *.warning @rsyslogserver
    • *.warning rsyslogserver
    • *.warned @rsyslogserver
    • *.warned rsyslogserver
  19. The ____________ command is used to send messages to the system logging facility.

    • timer 
    • notice 
    • logger
    • queue
  20. Which option to the logger command is used to specify a tag for the log entry?

    • -f 
    • -t
    • -s 
    • -l
  21. Which of the following logger command options will use the message specified in the temp_message file?

    • logger -s temp_message 
    • logger -f temp_message 
    • logger -t temp message 
    • logger -l temp_message
  22. The rsyslog.conf file is currently set to *.info. Which of the following will result in more verbose logging messages?

    • *.emerg 
    • *.alert 
    • *.debug 
    • *.warning
  23. Which of the following settings in rsyslog.conf will enable rsyslogd to log messages of err priority level only?

    • mail.=err 
    • mail.none 
    • mail.err 
    • mail.err;mail.!alert
  24. The systemd-journal uses the journalctl application program to display logfiles which are stored in binary format.

    True or False?

    • True 
    • False
  25. The -r option when used with the journalctl command is useful because it __________.

    • …reverses chronological order to show the most recent files first. 
    • …repeats output missed previously. 
    • …revises log output for use with systemd systems. 
    • …restores deleted logs.
  26. Output from the journalctl command is limited to seven (7) days' worth of logs by default.

    True or False?

    • True 
    • False
  27. By default the -n option when used with the journalctl command returns:

    • Notes taken by a previous system administrator.
    • Multiple log entries starting with the number specified. 
    • The last ten (10) most recent log entries. 
    • Nothing, the output is dumped to a null file.
  28. The maximum size for persistent journal storage on a 20GB partition is:

    • 2GB 
    • 1GB unless uncapped 
    • 4GB 
    • Unlimited
  29. To remove systemd-journald log data older than two (2) weeks use the following command:

    • journalctl --remove2w
    • journalctl --vacuum2weeks
    • journalctl --vacuum-time2weeks
    • journalctl -- rotate2weeks
  30. When piping a command to systemd-cat the output is added to systemd-journald and displayed on screen by default.

    True or False?

    • True 
    • False