Linux system log management

Managing log files on a Linux system can be very easy or very painful. It all depends on what you think log management is.

If you think it means making sure that log files do not use up all the disk space on your Linux server, the problem is usually quite simple. Log files on Linux systems roll over automatically, and the system keeps only a fixed number of rolled-over logs. Even so, a first glance at a group of hundreds of files can leave you unsure where to start. In this article, we will look at how log rotation works, as well as some of the most relevant log files.

Automatic log rotation

Log files are rotated regularly. The current log file is given a slightly different name, and a new log file is created. Take the syslog file, for example. This file is a catch-all for many normal system messages. If you cd to /var/log and look, you might see a series of syslog files like this:

$ ls -l syslog*
-rw-r----- 1 syslog adm 28996 Jul 30 07:40 syslog
-rw-r----- 1 syslog adm 71212 Jul 30 00:00 syslog.1
-rw-r----- 1 syslog adm  5449 Jul 29 00:00 syslog.2.gz
-rw-r----- 1 syslog adm  6152 Jul 28 00:00 syslog.3.gz
-rw-r----- 1 syslog adm  7031 Jul 27 00:00 syslog.4.gz
-rw-r----- 1 syslog adm  5602 Jul 26 00:00 syslog.5.gz
-rw-r----- 1 syslog adm  5995 Jul 25 00:00 syslog.6.gz
-rw-r----- 1 syslog adm 32924 Jul 24 00:00 syslog.7.gz

Rotation occurs at midnight every day, and old log files are kept for one week before the oldest system log file is deleted. The syslog.7.gz file is deleted from the system, and syslog.6.gz is renamed to syslog.7.gz. The remaining log files are renamed in turn, until syslog becomes syslog.1 and a new syslog file is created. Some syslog files will be larger than others, but in general none will become very large, and you will never see more than eight of them. This gives you more than a week to review any data they collect.

The number of files maintained for a particular log depends on the log file itself. Some may have as many as 13. Notice how the older syslog and dpkg files are compressed to save space. The thinking here is that you are most interested in the most recent logs, and older logs can be decompressed with gunzip if necessary.

Log files can be rotated based on age as well as on size. Keep this in mind when checking your log files.

Although the default values suit most Linux system administrators, log file rotation can be configured differently if you wish. Look at files such as /etc/rsyslog.conf and /etc/logrotate.conf.

Using Log Files

Managing log files also includes using them from time to time. The first step in using log files is getting used to what each one can tell you about how your system is working and what problems it may have run into. Reading log files from start to finish is almost never a good option, but knowing how to pull information out of them is a great advantage when you want to understand how your system is running or need to track down a problem. It also means having a general idea of what information is stored in each file. For example:

$ who wtmp | tail -10          # show the most recent logins
$ who wtmp | grep shark        # show a particular user's most recent logins
$ grep "sudo:" auth.log        # see who is using sudo
$ dmesg | tail                 # view the (most recent) kernel log
$ tail dpkg.log                # view recently installed and updated packages
$ more ufw.log                 # view firewall events (if you are using ufw)
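
The commands above read only the current file, while rotation spreads a week of history across auth.log, auth.log.1 and the gzipped older files. The following is an added example, not part of the original article: it searches the whole numbered set oldest first and counts sudo commands per user. The function names are hypothetical, the syslog.N / syslog.N.gz naming from the listing above is assumed, and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example: search a numbered rotation set (auth.log.N.gz ... auth.log.1,
# auth.log) oldest first. Assumes the syslog.N / syslog.N.gz naming shown above.

# rotated_files BASE: list the files of the set, oldest (highest N) first.
rotated_files() {
    for f in "$1".[0-9]*; do
        [ -e "$f" ] || continue
        n=${f#"$1".}                  # "2.gz" from "auth.log.2.gz"
        printf '%s\t%s\n' "${n%%.*}" "$f"
    done | sort -rn | cut -f2-
    if [ -e "$1" ]; then printf '%s\n' "$1"; fi
}

# rotated_grep PATTERN BASE: grep the whole set, gunzipping .gz members.
rotated_grep() {
    rotated_files "$2" | while IFS= read -r f; do
        case $f in
            *.gz) gzip -dc -- "$f" ;;
            *)    cat -- "$f" ;;
        esac
    done | grep -e "$1"
}

# sudo_summary BASE: count sudo commands per invoking user across the set.
# PAM session lines also contain "sudo:", so match on COMMAND= as well.
sudo_summary() {
    rotated_grep 'sudo:.*COMMAND=' "$1" |
        awk '{ for (i = 1; i < NF; i++)
                   if ($i == "sudo:") { n[$(i + 1)]++; break } }
             END { for (u in n) print n[u], u }' | sort -k1,1nr -k2
}

# make_sample DIR: write a constructed three-file auth.log set for a dry run.
make_sample() {
    printf '%s\n' \
      'Jul 28 09:01:10 host sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update' \
      > "$1/auth.log.2"
    gzip -f "$1/auth.log.2"
    printf '%s\n' \
      'Jul 29 14:22:03 host sudo:      bob : TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/usr/sbin/ufw status' \
      'Jul 29 14:22:03 host sudo: pam_unix(sudo:session): session opened for user root by bob(uid=0)' \
      > "$1/auth.log.1"
    printf '%s\n' \
      'Jul 30 07:40:55 host sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/less /var/log/syslog' \
      > "$1/auth.log"
}

d=$(mktemp -d) && make_sample "$d" && sudo_summary "$d/auth.log"; rm -rf "$d"
```

On a real system, run sudo_summary /var/log/auth.log with enough privilege to read the files; logs rotated with date-based suffixes instead of numbers are not matched by rotated_files.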

Some of the commands you run will also extract information from log files. For example, if you want to view a list of system reboots, you can use the following command:

$ last reboot
reboot   system boot  5.0.0-20-generic Tue Jul 16 13:19   still running
reboot   system boot  5.0.0-15-generic Sat May 18 17:26 - 15:19 (21+21:52)
reboot   system boot  5.0.0-13-generic Mon Apr 29 10:55 - 15:34 (18+04:39)

More advanced log management

Although you can write scripts to make it easier to find information of interest in your log files, you should also know that there are some very sophisticated tools available for log file analysis. Some correlate information from multiple sources to give a more comprehensive picture of what is happening on your network. They can also provide real-time monitoring. Tools such as SolarWinds Log & Event Manager and PRTG Network Monitor (which includes log monitoring) come to mind.

There are some free tools to help analyze log files. These include:

Logwatch - a program that scans system logs for lines of interest
Logcheck - a system log analyzer and reporter

Origin www.cnblogs.com/tidings/p/11599016.html