TheRazor
09-06-2001, 08:29 AM
Anyone know where there would be a good tutorial on log reading? Logcheck emails me what it feels are security threats, unusual events, etc... The only thing is I don't really know how to read the logs per se. Sure, I know PortSentry throws out some garbage, but some log entries I just don't understand, like this one:
Cleaned cache of 1 RRset
Does it mean someone hacked in and cleaned up their tracks, or is it the machine tidying up itself? I don't think it is someone hacking because it appears quite a few times. But I am curious what it is and if there is a resource with an explanation of how to read a log, or some basic log examples and what they mean...
Any help would be appreciated...
