A log message is an individual entry contained within a log file. Log messages describe a single event that occurred on the system.

Here is an example of a log message:

Jan 12 14:11:06 l174 sshd[14714]: Failed password for root from 1.2.3.4 port 42351 ssh

This message doesn't mean much unless we know that root cannot log in from outside the subnet, that root tried to log in 47 times from this IP address (so it wasn't a simple mistake), and that many other users attempted to log in from this IP address. These are examples of why context information is necessary when performing log analysis.
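The following Python sketch is an added example, not part of the original page. It gathers that context from a set of sshd messages by grouping failed logins per source IP. The log lines are constructed samples, and the trusted subnet and thresholds are assumed values.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed policy value (not from the page): the subnet root may log in from.
TRUSTED_SUBNET = ipaddress.ip_network("10.0.0.0/8")

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Constructed sample lines in the same format as the message above.
SAMPLE = """\
Jan 12 14:11:06 l174 sshd[14714]: Failed password for root from 1.2.3.4 port 42351 ssh2
Jan 12 14:11:09 l174 sshd[14716]: Failed password for root from 1.2.3.4 port 42377 ssh2
Jan 12 14:11:15 l174 sshd[14720]: Failed password for invalid user admin from 1.2.3.4 port 42402 ssh2
Jan 12 14:12:01 l174 sshd[14731]: Failed password for alice from 10.0.5.9 port 51022 ssh2
Jan 12 14:12:30 l174 sshd[14740]: Accepted password for alice from 10.0.5.9 port 51030 ssh2
""".splitlines()


def summarize(lines):
    """Group failed SSH logins by source IP so one message can be read in context."""
    stats = defaultdict(lambda: {"failures": 0, "users": set(), "root_outside": 0})
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue  # not a failed-password message
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # source is a hostname or malformed; skipped in this sketch
        entry = stats[str(ip)]
        entry["failures"] += 1
        entry["users"].add(m["user"])
        if m["user"] == "root" and ip not in TRUSTED_SUBNET:
            entry["root_outside"] += 1
    return stats


def suspicious(stats, min_failures=3, min_users=2):
    """Return IPs that tried root from outside the subnet or many distinct users."""
    return sorted(
        ip for ip, s in stats.items()
        if s["root_outside"] > 0
        or (s["failures"] >= min_failures and len(s["users"]) >= min_users)
    )
```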
