Taming systemd's Journal Size with Log Rotation and Persistent Journal Storage

Introduction to systemd’s Journal

I’ve worked with Linux systems for years, and one thing that’s always been important is managing system logs. Systemd’s journal is a great tool for this, providing a centralized logging solution that’s both robust and efficient. By default, the journal stores its data in a volatile, in-memory cache, and on disk in /var/log/journal/. However, I’ve seen this go wrong when the journal’s size grows rapidly, especially on systems with high log volumes. This can lead to performance issues and disk space consumption. To avoid this, you can use log rotation and persistent journal storage.

The Linux Audit System

Monitoring and Logging for Enhanced Security

Security is a crucial aspect of any Linux system. To maintain a secure environment, it’s important to monitor activities, track events, and log significant changes. The Linux Audit system provides a comprehensive framework for auditing and logging, enabling administrators to monitor user activity, detect security violations, and meet compliance requirements.

What is the Linux Audit System?

The Linux Audit system is a powerful tool that logs system events based on user-defined rules. It records detailed information about activities such as file access, configuration changes, and authentication attempts. The logs generated by the Audit system can help identify unusual behavior or unauthorized access, providing an essential layer of security.
