Linux Security Log – adminbolt Admin Panel

The Linux Security Log page shows security-related events from the operating system (e.g. authentication, sudo, SSH, failed logins). It helps administrators monitor server security and investigate incidents.

URL: /admin/linux-security-log

Overview

The log content is typically sourced from the system’s audit or auth logs (e.g. /var/log/secure, journalctl for auth, or auditd). The panel aggregates or tails these so you can view them without SSH access.

Purpose

• View recent security events: logins, logouts, failed attempts, sudo usage, SSH sessions.
• Identify brute-force or suspicious activity (e.g. many failed logins from one IP).
• Support compliance or audit requirements by having a central place to review security events.

Prerequisites

• Access to the admin panel in adminbolt.
• Logs in the sidebar (Logs → Linux Security Log).

Interface Description

• Page heading: Linux Security Logs (h1).
• Intro text: View and clear linux security logs.
• Search – Search box to filter log entries.
• Filters – Button (e.g. Filters 0) to apply additional filters.
• Table – Columns: Time (sortable), Module, Level, Message. Each row is one security event (e.g. sudo session, auth, SSH). Rows may show timestamp, module name, level (e.g. INFO), and message text.

Related sections

• Error Log – Panel/application error log.
• Execution Logs – Panel task execution.
• Fail2Ban – Bans triggered by failed logins; cross-reference with this log.

Sidebar location

Logs → Linux Security Log

Notes

• Security logs can contain sensitive data (IPs, usernames); restrict access and avoid exposing them in public or shared views.
• Correlate with Fail2Ban bans and firewall rules when investigating attacks.

---