Analysis of linux logs and linux logs

Source: Internet
Author: User
Tags: syslog


In Linux, connection-time (login) logs are generally recorded in the /var/log/wtmp and /var/run/utmp files. These two files are binary, so they cannot be read directly with cat; the system updates them automatically. You can view their contents with the w, who, finger, id, last, lastlog, and ac commands.
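Why cat shows nothing readable, as an added example that is not part of the original article: these files hold fixed-size binary records, which this Python code decodes. It assumes the 384-byte glibc `struct utmp` layout of x86-64 Linux; `parse_utmp`, `build_record` and the sample record are names and data constructed for illustration.

```python
import socket
import struct
from datetime import datetime, timezone

# Assumption: glibc "struct utmp" on x86-64 Linux, 384 bytes, little-endian.
# Fields: type, pad, pid, line, id, user, host, exit(2), session, tv(2), addr, unused.
UTMP = struct.Struct("<h2xi32s4s32s256s2hi2i16s20x")
TYPES = {0: "EMPTY", 2: "BOOT_TIME", 6: "LOGIN_PROCESS", 7: "USER_PROCESS", 8: "DEAD_PROCESS"}


def _text(raw):
    # Fixed-width char fields are NUL-padded and may lack a terminator.
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")


def parse_utmp(data):
    """Decode whole records; also return the count of trailing bytes that do
    not form a full record (a truncated or damaged file)."""
    whole = len(data) - len(data) % UTMP.size
    records = []
    for off in range(0, whole, UTMP.size):
        (ut_type, pid, line, _id, user, host,
         _term, _exit, _sess, sec, _usec, addr) = UTMP.unpack_from(data, off)
        # Heuristic: an IPv4 address occupies the first 4 of the 16 address bytes.
        if addr[4:] == bytes(12):
            ip = socket.inet_ntop(socket.AF_INET, addr[:4])
        else:
            ip = socket.inet_ntop(socket.AF_INET6, addr)
        records.append({
            "type": TYPES.get(ut_type, str(ut_type)), "pid": pid,
            "line": _text(line), "user": _text(user), "host": _text(host), "ip": ip,
            "time": datetime.fromtimestamp(sec, timezone.utc).isoformat(),
        })
    return records, len(data) - whole


def build_record(ut_type, pid, line, user, host, ip, sec):
    """Pack one constructed record for the demo (not real log data)."""
    addr = socket.inet_aton(ip) + bytes(12)
    return UTMP.pack(ut_type, pid, line.encode(), b"", user.encode(),
                     host.encode(), 0, 0, 0, sec, 0, addr)


# Constructed sample: one login record followed by 10 stray bytes.
SAMPLE = build_record(7, 4321, "pts/0", "alice", "198.51.100.7",
                      "198.51.100.7", 1700000000) + bytes(10)

if __name__ == "__main__":
    print(parse_utmp(SAMPLE))
```

On a real host, pass `parse_utmp` the bytes read from /var/log/wtmp opened in binary mode; a non-zero leftover count means the file length is not a whole number of records.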

Process monitoring logs in Linux are effective for monitoring the commands that users run. You can consult the process statistics log when, for example, a server has recently been going down without reason or something on it has been deleted without reason. Run accton /var/account/pacct to enable process statistics logging, and use lastcomm to view the process statistics log.

In Linux, logging is managed by a service named syslog, which drives many files. For example: /var/log/lastlog records the time of each user's last successful login and the IP address it came from; /var/log/messages records common system and service error messages of the Linux operating system; /var/log/secure records Linux security logs, including user and group changes and user login authentication information; /var/log/btmp records failed logins (user, time, and remote IP address); and /var/log/cron records the execution of scheduled tasks.

The syslog service is controlled by two important configuration files: the main configuration file /etc/syslog.conf and the auxiliary configuration file /etc/sysconfig/syslog. /etc/init.d/syslog is its startup script.

After a system has been running for some time, its log files grow larger and larger as time passes and traffic increases. When a log file grows beyond what the system can manage, it affects system performance, so logs need to be dumped (rotated). The dump can be set to run yearly, monthly, or weekly, or when the file reaches a certain size.

In Linux, logrotate is commonly used to dump (rotate) logs. Combined with cron scheduled tasks, it makes dumping log files easy. The dump mode is controlled by the /etc/logrotate.conf configuration file.
