Compare app, service, and auth evidence.
Mission 11
Log triage
Inspect access, error, auth, and service logs in a cautious order.
Text and logs
0/25 lessons
0/7 missions
New learnerrank
0XP
0%complete
learner@clairos:/home/learner $
Unix ops lab: type a command, press Enter
Lesson support
What to notice while you play.
Tail nginx access, then read the fake nginx journal.
Incident triage is evidence gathering before action.
- Restarting a service before reading logs.
- Only checking one log source.
Reference
Commands in this lesson.
grep [-i] <text> <file>
Find literal text inside a file.
journalctl -u <service>
Read fake service journal entries.