/messages is the default system log file on most Linux distros
and probably most modern unices
puts most of it's output there. An entry looks somewhat like this:
Aug 8 18:32:13 mother PAM_pwdb(23293): (su) session opened for user root by rune(uid=500)
is the hostname
of my computer. (Think Alien
here, not Psycho
) PAM_pwdb is the name of the program, PAMs PID
is/was 23293 and then some text
describing the actual event.
It may seem redundant that the hostname is included in every line, but syslogd can output to other loggers on the network and I know that at least one router from Zyxel (I don't remember which one) can send it's output to a syslogd on some UNIX machine on the network.
It is nice to have tail -f /var/log/messages running in an xterm or on an old monitor or something.