If you are using Amazon Linux for the first time after using other traditional Linux, you won’t find the log file in the /var directory.

This is because Amazon Linux by default the logs are recorded using systemd-journald and can be viewed using journalctl commands as below:

• journalctl to view all logs
• journalctl -r to view logs in reverse order
• journalctl -u <service_name> to view the logs of a specific service

If we want to have the actual log fies like any traditional linux distribution in /var/log/syslog or /var/log/messages files, the we can install rsyslog package on Amazon Linux instance(s) as below:

1. Install rsyslog: sudo yum install rsyslog
2. Start the rsyslog service: sudo systemctl start rsyslog
3. Enable rsyslog to start on boot: sudo systemctl enable rsyslog

After installation, rsyslog will create and maintain log files in the /var/log directory, including /var/log/messages.

Thanks for reading.