I am trying to pull information from a log and am wondering whether there are security event IDs similar to Windows, or how I can pull and separate password and account-altering message logs.
You'll need to be more specific than "UNIX/linux".
Unix has got text log files.
Use ssh/PuTTY to log in. In the login shell you can use the grep command to filter certain information.
Different Unix variants have different log files.
Most Linux versions have got /var/log/messages.
Solaris has got /var/adm/messages.
HP-UX has got /var/adm/syslog/syslog.log.
...
Also the log levels are slightly different.
Unix and most Linux systems have got the syslogd service, and log details are configured in the text file /etc/syslog.conf.
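The grep filtering described in the answer above, as an added example that is not part of the original thread: it separates password changes from account changes by matching the program tag of each syslog line. The program names, the line layout and the sample lines are assumptions; pass the log path as the argument if your system writes these messages to a different file.

```shell
#!/bin/sh
# Added example: split account and password changes out of a syslog text file.
# Assumes the traditional "Mon DD HH:MM:SS host prog[pid]: msg" line layout.

# Default log path per platform, as listed in the answer above.
default_log() {
    case "$(uname -s)" in
        SunOS) echo /var/adm/messages ;;
        HP-UX) echo /var/adm/syslog/syslog.log ;;
        *)     echo /var/log/messages ;;
    esac
}

# Everything up to the program tag: timestamp and host name.
PREFIX='^[A-Z][a-z][a-z] +[0-9]+ [0-9:]+ [^ ]+ '

# Lines whose program tag is one of the given names (a|b|c).
# Matching the tag, not the word "password", keeps sshd login noise out.
by_program() {
    grep -E "${PREFIX}($1)(\[[0-9]+\])?:" "${2:-$(default_log)}"
}

# Program names are assumptions (common Linux tools); adjust per system.
password_events() { by_program 'passwd|chpasswd|chage' "$1"; }
account_events()  { by_program 'useradd|usermod|userdel|groupadd|groupdel' "$1"; }

# Constructed sample lines, not taken from a real system.
write_sample() {
    cat > "$1" <<'EOF'
Mar  3 10:15:01 host1 sshd[2101]: Failed password for alice from 192.0.2.10 port 50514 ssh2
Mar  3 10:16:40 host1 passwd[2211]: pam_unix(passwd:chauthtok): password changed for alice
Mar  3 10:20:05 host1 useradd[2250]: new user: name=bob, UID=1001, GID=1001, home=/home/bob, shell=/bin/bash
Mar  3 10:21:17 host1 usermod[2262]: add 'bob' to group 'wheel'
Mar  3 10:30:00 host1 cron[2300]: (root) CMD (run-parts /etc/cron.hourly)
Mar  3 10:42:09 host1 userdel[2391]: delete user 'bob'
EOF
}

# Demo run against the constructed sample.
demo=$(mktemp)
write_sample "$demo"
echo "== password changes =="; password_events "$demo"
echo "== account changes ==";  account_events "$demo"
rm -f "$demo"
```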