The latest articles on Debug School by Haripriya A (@haripriyaashok18_593). https://www.debug.school/haripriyaashok18_593 https://www.debug.school/images/QjF5Ul2OheFGaSC0wWJRALBCnKOwnKDlVSZjfxMgG-c/rs:fill:90:90/g:sm/mb:500000/ar:1/aHR0cHM6Ly93d3cu/ZGVidWcuc2Nob29s/L3VwbG9hZHMvdXNl/ci9wcm9maWxlX2lt/YWdlLzgwL2NhMGEy/ZjZiLTI2NDktNGQ1/Yi1iYTM1LTQ1NWM2/Y2MyMjQ5NC5wbmc https://www.debug.school/haripriyaashok18_593 en Haripriya A Thu, 15 Sep 2022 05:55:22 +0000 https://www.debug.school/haripriyaashok18_593/log-analysis-1cj4 https://www.debug.school/haripriyaashok18_593/log-analysis-1cj4 <p><strong>1. Write down top 10 events in Windows and identify their event ID</strong></p> <p>4723 - An attempt was made to change the password of an account<br> 4625 - Failed account login<br> 4624 - Successful account login<br> 4719 - System audit policy was changed.<br> 4722 - A user account was enabled<br> 4634 - account logged off<br> 4648- A logon attempt was made with explicit credentials<br> 4964 - Special group has been assigned to a new log<br> 1102 - Audit log was cleared.<br> 4720 - A user account was created</p> <p><strong>2. Write down top 10 events in Linux and identify their pattern and log Linux</strong><br> /var/log/messages<br> /var/log/auth.log<br> /var/log/cron<br> /var/log/yum.log<br> /var/log/maillog <br> /var/log/secure<br> /var/log/boot.log<br> /var/log/dmesg<br> /var/log/kern.log<br> /var/log/faillog<br> **</p> <ol> <li>Identify the log file in linux which log service start|stop|enable|disable** systemctl start SERVICE_NAME systemctl stop SERVICE_NAME systemctl enable SERVICE_NAME systemctl disable SERVICE_NAME</li> </ol> <p><strong>4. Identify the log file in linux which log process running or killed.</strong></p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> check the logfile using this - /var/log/kern.log </code></pre> </div> <p><strong>5. Identify the log file of apache and find out list of VERB and count of each using linux command</strong><br> var/log/apache/access.log<br> /var/log/apache2/access.log<br> /etc/httpd/log/access_log (on MacOS)<br> /var/log/apache2/error.log</p> Haripriya A Tue, 13 Sep 2022 10:00:00 +0000 https://www.debug.school/haripriyaashok18_593/understanding-datadog-agent-147i https://www.debug.school/haripriyaashok18_593/understanding-datadog-agent-147i <p><strong>- What is Datadog agent?</strong> Datadog is a software that runs on your host. It collects hosts metrics and event and send it to Datadog. In Datadog u can analyse your monitoring and performance data.<br> *<em>- Type of Datadog Agent? *</em> Collector <br> Dogstatsd</p> <p><strong>- Ports used to in Datadog agent?</strong> UDP , HTTP - 80, TCP, HTTPS - 443</p> <p><strong>- Top 5 commands with simple explanation troubleshooting Datadog agent?</strong> $ systemctl start datadog-agent - to start the datadog agent<br> $ systemctl stop datadog-agent - to stop the datadog agent<br> $ systemctl restart datadog-agent- to Restart the datadog agent<br> $ systemctl status datadog-agent- to status is running or not in the datadog agent<br> $ datadog-agent version - to find the version </p> <p><strong>- Locate how to enable Logs monitoring in datadog.yaml ** Go to the datadog file located in the windows c:/ programdata/datadog.yaml<br> Edit the file and add enable the option to true.<br> **- 5 techniques for troubleshooting Datadog?</strong><br> Verify API token (datadog.yaml)<br> Verify site/region (datadog.yaml)<br> Datadog Agent is running or not under services<br> check if logs enabled under config file</p>