{"id":140,"date":"2026-05-01T23:40:36","date_gmt":"2026-05-01T21:40:36","guid":{"rendered":"https:\/\/eryann.fr\/?p=140"},"modified":"2026-05-02T14:09:00","modified_gmt":"2026-05-02T12:09:00","slug":"fiche-logs-debian-analyse-et-recherche-dans-les-journaux-systeme","status":"publish","type":"post","link":"https:\/\/eryann.fr\/index.php\/reseau\/fiche-logs-debian-analyse-et-recherche-dans-les-journaux-systeme\/","title":{"rendered":"Debian logs cheat sheet: analysing and searching the system logs"},"content":{"rendered":"\n<p>For BTS CIEL or SIO students, knowing how to read and make use of logs is essential.<br>Logs make it possible to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>diagnose a failure<\/li>\n\n\n\n<li>detect an intrusion<\/li>\n\n\n\n<li>understand how the system works<\/li>\n<\/ul>\n\n\n\n<p>This sheet presents the main Debian log files and the commands for working with them effectively.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"683\" height=\"1024\" src=\"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/27efe7fe-aad8-491a-9e71-9c528c00ffe8-683x1024.png\" alt=\"\" class=\"wp-image-141\" srcset=\"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/27efe7fe-aad8-491a-9e71-9c528c00ffe8-683x1024.png 683w, https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/27efe7fe-aad8-491a-9e71-9c528c00ffe8-200x300.png 200w, https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/27efe7fe-aad8-491a-9e71-9c528c00ffe8-768x1152.png 768w, https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/27efe7fe-aad8-491a-9e71-9c528c00ffe8.png 1024w\" sizes=\"auto, (max-width: 683px) 100vw, 683px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Log analysis commands (single block)<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># 
=========================================================<br># VIEWING LOGS<br># =========================================================<br><br># Read a whole file<br>cat \/var\/log\/syslog<br><br># Read with paging<br>less \/var\/log\/syslog<br><br># Show the last lines<br>tail \/var\/log\/syslog<br><br># Follow a log in real time<br>tail -f \/var\/log\/syslog<br><br># Show the last 50 lines<br>tail -n 50 \/var\/log\/syslog<br><br># =========================================================<br># SEARCHING LOGS<br># =========================================================<br><br># Search for a keyword<br>grep \"error\" \/var\/log\/syslog<br><br># Case-insensitive search<br>grep -i \"fail\" \/var\/log\/auth.log<br><br># Search for several words<br>grep -E \"error|fail|warning\" \/var\/log\/syslog<br><br># Show the lines BEFORE and AFTER<br>grep -C 3 \"ssh\" \/var\/log\/auth.log<br><br># Count matching lines<br>grep -c \"Failed password\" \/var\/log\/auth.log<br><br># =========================================================<br># ADVANCED FILTERING<br># =========================================================<br><br># Sort the results<br>grep \"error\" \/var\/log\/syslog | sort<br><br># Remove duplicates<br>grep \"error\" \/var\/log\/syslog | sort | uniq<br><br># Count by type<br>grep \"Failed password\" \/var\/log\/auth.log | wc -l<br><br># Top IPs attempting to connect<br># (the address is the 4th field from the end, with or without \"invalid user\")<br>grep \"Failed password\" \/var\/log\/auth.log | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr<br><br># =========================================================<br># JOURNALCTL (SYSTEMD)<br># =========================================================<br><br># Show all logs<br>journalctl<br><br># Recent logs<br>journalctl -xe<br><br># Logs for one service<br>journalctl -u ssh<br><br># Logs in real time<br>journalctl -f<br><br># Logs since today<br>journalctl 
--since today<br><br># Logs between two dates<br>journalctl --since \"2026-05-01 10:00:00\" --until \"2026-05-01 12:00:00\"<br><br># =========================================================<br># NETWORK \/ SECURITY ANALYSIS<br># =========================================================<br><br># Failed SSH attempts<br>grep \"Failed password\" \/var\/log\/auth.log<br><br># Successful logins<br>grep \"Accepted password\" \/var\/log\/auth.log<br><br># System reboots<br>grep \"reboot\" \/var\/log\/syslog<br><br># System errors<br>grep -i \"error\" \/var\/log\/syslog<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Detailed explanation<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Log location<\/h4>\n\n\n\n<p>Debian logs are stored in <code>\/var\/log\/<\/code>.<\/p>\n\n\n\n<p>Important files:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>\/var\/log\/syslog<\/code>: general system logs<\/li>\n\n\n\n<li><code>\/var\/log\/auth.log<\/code>: authentication (SSH, sudo)<\/li>\n\n\n\n<li><code>\/var\/log\/kern.log<\/code>: Linux kernel<\/li>\n\n\n\n<li><code>\/var\/log\/dpkg.log<\/code>: package installations<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">Reading logs<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>cat<\/code>: raw read (impractical for large files)<\/li>\n\n\n\n<li><code>less<\/code>: navigating within the file<\/li>\n\n\n\n<li><code>tail<\/code>: viewing the last lines<\/li>\n\n\n\n<li><code>tail -f<\/code>: real-time monitoring<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">Searching with grep<\/h4>\n\n\n\n<p><code>grep<\/code> is the main tool:<\/p>\n\n\n\n<ul 
class=\"wp-block-list\">\n<li><code>-i<\/code>: ignores case<\/li>\n\n\n\n<li><code>-E<\/code>: extended regular expressions<\/li>\n\n\n\n<li><code>-C<\/code>: context around the match<\/li>\n<\/ul>\n\n\n\n<p>It lets you quickly filter for specific events.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">Advanced analysis<\/h4>\n\n\n\n<p>Combining commands:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>awk<\/code>: column extraction<\/li>\n\n\n\n<li><code>sort<\/code>: sorting<\/li>\n\n\n\n<li><code>uniq<\/code>: duplicate removal<\/li>\n\n\n\n<li><code>wc -l<\/code>: counting<\/li>\n<\/ul>\n\n\n\n<p>Example:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>identify attacking IPs<\/li>\n\n\n\n<li>detect suspicious repetitions<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">journalctl (systemd)<\/h4>\n\n\n\n<p>Partly replaces the classic files:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>centralises logs<\/li>\n\n\n\n<li>allows precise filtering (service, date)<\/li>\n<\/ul>\n\n\n\n<p>Widely used in modern environments.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Practical cases<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">SSH brute-force detection<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>search for \"Failed password\"<\/li>\n\n\n\n<li>identify the IPs<\/li>\n\n\n\n<li>count the attempts<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Analysing a service<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>journalctl -u nom_du_service<\/code><\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">System diagnosis<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>errors in syslog<\/li>\n\n\n\n<li>unexpected 
reboot<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Viewing logs<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>cat \/var\/log\/syslog<br>less \/var\/log\/syslog<br>tail \/var\/log\/syslog<br>tail -f \/var\/log\/syslog<br>tail -n 50 \/var\/log\/syslog<\/code><\/pre>\n\n\n\n<p>Sample output:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>May  1 12:01:15 debian systemd&#91;1]: Started Session 1234 of user root.<br>May  1 12:01:15 debian sshd&#91;1234]: Accepted password for root from 192.168.1.50 port 55210 ssh2<br>May  1 12:01:16 debian sudo: root : TTY=pts\/0 ; PWD=\/root ; USER=root ; COMMAND=\/bin\/ls<br>May  1 12:01:20 debian CRON&#91;1250]: (root) CMD (cd \/ &amp;&amp; run-parts --report \/etc\/cron.hourly)<br>May  1 12:01:25 debian systemd&#91;1]: Finished Daily apt download activities.<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Searching logs with grep<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>grep \"error\" \/var\/log\/syslog<br>grep -i \"fail\" \/var\/log\/auth.log<br>grep -E \"error|fail|warning\" \/var\/log\/syslog<br>grep -C 3 \"ssh\" \/var\/log\/auth.log<br>grep -c \"Failed password\" \/var\/log\/auth.log<\/code><\/pre>\n\n\n\n<p>Example:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>May  1 11:50:12 debian sshd&#91;1122]: Failed password for invalid user admin from 192.168.1.60 port 53322 ssh2<br>May  1 11:50:15 debian sshd&#91;1122]: Failed password for root from 192.168.1.60 port 53322 ssh2<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Advanced filtering and analysis<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>grep \"error\" \/var\/log\/syslog | sort<br>grep \"error\" \/var\/log\/syslog | sort | uniq<br>grep \"Failed password\" \/var\/log\/auth.log | wc -l<\/code><\/pre>\n\n\n\n<p>Top 
brute-force IPs:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep \"Failed password\" \/var\/log\/auth.log | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr<\/code><\/pre>\n\n\n\n<p>Sample output:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>15 192.168.1.60<br>4  192.168.1.61<br>2  10.0.0.5<br>1  203.0.113.10<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">journalctl (systemd)<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>journalctl<br>journalctl -xe<br>journalctl -u ssh<br>journalctl -f<br>journalctl --since today<br>journalctl --since \"2026-05-01 10:00:00\" --until \"2026-05-01 12:00:00\"<\/code><\/pre>\n\n\n\n<p>Example:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>May 01 10:15:01 debian systemd&#91;1]: Starting OpenBSD Secure Shell server...<br>May 01 10:15:02 debian sshd&#91;1200]: Server listening on 0.0.0.0 port 22.<br>May 01 10:20:45 debian sshd&#91;1201]: Failed password for invalid user test from 192.168.1.60 port 53332 ssh2<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Network \/ security analysis<\/h2>\n\n\n\n<p>Failed SSH attempts:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep \"Failed password\" \/var\/log\/auth.log<\/code><\/pre>\n\n\n\n<p>Successful logins:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep \"Accepted password\" \/var\/log\/auth.log<\/code><\/pre>\n\n\n\n<p>Example:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>May  1 12:01:15 debian sshd&#91;1234]: Accepted password for root from 192.168.1.50 port 55210 ssh2<\/code><\/pre>\n\n\n\n<p>System reboots:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep \"reboot\" \/var\/log\/syslog<\/code><\/pre>\n\n\n\n<p>Example:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Apr 30 22:15:02 debian systemd&#91;1]: System rebooted.<br>Apr 30 22:15:02 debian kernel: Linux 
version 6.1.0-18-amd64<\/code><\/pre>\n\n\n\n<p>System errors:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep -i \"error\" \/var\/log\/syslog<\/code><\/pre>\n\n\n\n<p>Example:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>May  1 11:43:22 debian systemd&#91;1]: Failed to start MySQL Community Server.<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Practical cases<\/h2>\n\n\n\n<p>Identify IPs brute-forcing SSH:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep \"Failed password\" \/var\/log\/auth.log | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr<\/code><\/pre>\n\n\n\n<p>Total number of failed attempts:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep -c \"Failed password\" \/var\/log\/auth.log<\/code><\/pre>\n\n\n\n<p>View Apache errors:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>grep -i \"error\" \/var\/log\/apache2\/error.log<\/code><\/pre>\n\n\n\n<p>View system reboots:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>journalctl --since today | grep -i reboot<\/code><\/pre>\n\n\n\n<p>View package installations:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>less \/var\/log\/dpkg.log<\/code><\/pre>\n\n\n\n<p>Follow a service in real time:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>journalctl -u nginx -f<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>monitor logs regularly<\/li>\n\n\n\n<li>automate with scripts<\/li>\n\n\n\n<li>set up rotation (logrotate)<\/li>\n\n\n\n<li>centralise logs (SIEM, remote syslog)<\/li>\n\n\n\n<li>restrict access to sensitive logs<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Summary of important files<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table 
class=\"has-fixed-layout\"><thead><tr><th>File<\/th><th>Role<\/th><\/tr><\/thead><tbody><tr><td>\/var\/log\/syslog<\/td><td>general system logs<\/td><\/tr><tr><td>\/var\/log\/auth.log<\/td><td>authentication<\/td><\/tr><tr><td>\/var\/log\/kern.log<\/td><td>kernel<\/td><\/tr><tr><td>\/var\/log\/dpkg.log<\/td><td>package management<\/td><\/tr><tr><td>\/var\/log\/apache2\/<\/td><td>web logs<\/td><\/tr><tr><td>\/var\/log\/mysql\/<\/td><td>database logs<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">Conclusion<\/h3>\n\n\n\n<p>Mastering logs is essential for:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>system administration<\/li>\n\n\n\n<li>cybersecurity<\/li>\n\n\n\n<li>diagnostics<\/li>\n<\/ul>\n\n\n\n<p>Knowing how to use <code>grep<\/code>, <code>awk<\/code> and <code>journalctl<\/code> lets you quickly analyse an incident and understand the system's behaviour.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n","protected":false},"excerpt":{"rendered":"<p>For BTS CIEL or SIO students, knowing how to read and make use of logs is essential. Logs make it possible to: This sheet presents the main Debian log files and the commands for working with them effectively. Log analysis commands (single block) Detailed explanation Log location Debian logs are stored in \/var\/log\/. 
Fichiers [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","categories":[12,10],"tags":[],"class_list":["post-140","post","type-post","status-publish","format-standard","hentry","category-linux","category-reseau"],"_links":{"self":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts\/140","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/comments?post=140"}],"version-history":[{"count":2,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts\/140\/revisions"}],"predecessor-version":[{"id":143,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts\/140\/revisions\/143"}],"wp:attachment":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/media?parent=140"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/categories?post=140"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/tags?post=140"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}