I would like to start this chapter by discussing logs, as they are a very important part of any system. By using log information, we can access the details of a system relatively easily. But what is a log? Well, a log entry is a record of an event that contains a timestamp and a description of the event itself. Entries are appended sequentially to a journal or log file, so all of the lines are ordered by timestamp. As an example, here is an Apache server log:
127.0.0.1 - - [02/Apr/2019:10:15:22 +0530] "POST /blog/admin.php HTTP/1.1" 302 326 "http://localhost/blog/admin.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0"
Looking at the preceding log entry, we can guess the meaning of certain information, such as an IP address (127.0.0.1), a timestamp (02/Apr/2019:10:15:22 +0530), an HTTP verb (POST), and...