CentsOS system inotify monitors server files in real time

Source: Internet
Author: User
Tags inotify centos rsync

Method 1


Note:

Server System: CentOS

File Directory:/home/web/osyunwei.com

Purpose:

Logs are recorded and saved when any file except the cache directory changes under/home/web/osyunwei.com.

Specific operations:

1. Install Inotify-tools

1. Check whether the server kernel supports inotify.

Ll/proc/sys/fs/inotify # list the file directories. The following content appears, indicating that the server kernel supports inotify.

-Rw-r -- 1 root 0 Mar 7 0:17 max_queued_events

-Rw-r -- 1 root 0 Mar 7 max_user_instances

-Rw-r -- 1 root 0 Mar 7 max_user_watches

Note: In Linux, the minimum kernel that supports inotify is 2.6.13. You can run the following command: uname-a to view the kernel:

CentOS 5.X kernel 2.6.18. inotify is supported by default.

2. Install inotify-tools

Yum install make gcc-c ++ # install the compilation tool

Inotify-tools download: http://github.com/downloads/rvoicilas/inotify-tools/inotify-tools-3.14.tar.gz

Upload inotify-tools-3.14.tar.gz to the/usr/local/src directory.

Cd/usr/local/src

Tar zxvf inotify-tools-3.14.tar.gz # extract

Cd inotify-tools-3.14 # enter the extract Directory

./Configure -- prefix =/usr/local/inotify # configuration

Make # compile

Make install # install

3. Set system environment variables and add soft connections

Echo "PATH =/usr/local/inotify/bin: $ PATH">/etc/profile. d/inotify. sh

Source/etc/profile. d/inotify. sh # Make the settings take effect immediately

Echo "/usr/local/inotify/lib">/etc/ld. so. conf. d/inotify. conf

Ln-s/usr/local/inotify/include/usr/include/inotify

4. Modify the default inotify parameter (the default inotify kernel parameter value is too small)

View default system parameter values

Sysctl-a | grep max_queued_events

The result is: fs. inotify. max_queued_events = 16384.

Sysctl-a | grep max_user_watches

The result is: fs. inotify. max_user_watches = 8192.

Sysctl-a | grep max_user_instances

Result: fs. inotify. max_user_instances = 128

Modify parameters:

Sysctl-w fs. inotify. max_queued_events = "99999999"

Sysctl-w fs. inotify. max_user_watches = "99999999"

Sysctl-w fs. inotify. max_user_instances = "65535"

Vi/etc/sysctl. conf # add the following code

Fs. inotify. max_queued_events = 99999999

Fs. inotify. max_user_watches = 99999999

Fs. inotify. max_user_instances = 65535

: Wq! # Save and exit

Parameter description:

Max_queued_events:

The maximum length of the inotify Queue. If the value is too small, the error "** Event Queue Overflow **" will occur, resulting in inaccurate monitoring files.

Max_user_watches:

The number of directories in the file to be synchronized can be found/home/www.osyunwei.com-type d | wc-l, make sure that the max_user_watches value is greater than the statistical result (here/home/www.osyunwei.com is the directory for synchronizing files)

Max_user_instances:

Maximum value of inotify instance created by each user

2. Create a real-time monitoring script

Mkdir-p/home/inotify # Create a directory

Vi/home/inotify/inotif. sh # Edit

#! /Bin/sh

/Usr/local/inotify/bin/inotifywait-mrq-e modify, create, move, delete -- fromfile '/home/inotify/excludedir' -- timefmt '% y-% m-% d % H: % M' -- format' % T % f % e'

/Home/web/osyunwei.com/>/tmp/rsync.txt

: Wq! # Save and exit

Vi/home/inotify/excludedir # Edit

/Home/web/osyunwei.com/

@/Home/web/osyunwei.com/cache/ # excluded Directory

: Wq! # Save and exit

Chmod + x/home/inotify/inotif. sh # Add execution permission

Vi/etc/rc. d/rc. local # edit, add a line at the end, and automatically execute

Sh/home/inotify/inotif. sh

: Wq! # Save and exit

If any file in the/home/web/osyunwei.com/directory changes, the/tmp/rsync.txt file will be recorded.

Now, inotify-tool is used in Linux to monitor server files in real time.

Method 2

Inotify-tools is a command line tool that monitors file changes through the inotify mechanism in linux. It monitors and records file changes on the server in real time. If there is a server problem, you can help find the cause, the kernel must be later than 2.6.13.

Check whether the server meets the installation requirements:


Uname-
Linux centos5.7-x64 2.6.18-274.17.1.el5


Ll/proc/sys/fs/inotify/
-Rw-r -- 1 root 0 05-15 0:12 max_queued_events
-Rw-r -- 1 root 0 05-15 0:12 max_user_instances
-Rw-r -- 1 root 0 05-15 0:12 max_user_watches

If the server has an EPEL source installed, you can use yum to install it:


Yum install inotify-tools

Compile and install:


Cd/usr/local/src/
Wget -- no-check-certificate https://github.com/downloads/rvoicilas/inotify-tools/inotify-tools-3.14.tar.gz
Tar zxvf inotify-tools-3.14.tar.gz
Cd inotify-tools-3.14
./Configure
Make
Make install
Ldconfig-v

Inotify parameters:


/Proc/sys/fs/inotify/max_queued_events # maximum number of request events
/Proc/sys/fs/inotify/max_user_instances # maximum number of instances that can be created by each user
/Proc/sys/fs/inotify/max_user_watches # maximum number of monitored directories
Inotifywait is a monitoring wait event that can be used with shell real-time monitoring to record file systems. Common parameters:


-- Timefmt time format
% Y % m month % d % H hour % M minutes
-- Format output format
% T time % w path % f file name % e status
-M always keeps listening. The default trigger event exits.
-R recursive query Directory
-Q: print monitoring events
-E defines monitoring events. Available parameters:
Open file
Access file
Modify
Delete file
Create new file
Attrb attribute change
Application example:
Real-time monitoring of new or modified files under the wwwroot directory and output:
 
Inotifywait-mrq-e modify, create -- timefmt '% y-% m-% d % H: % M' -- format' % T % f % e'/home/wwwroot/

The output is as follows:
 
12-05-14 20:43 favicon. ico
12-05-14 20:43 favicon. ico
12-05-14 20:43 tab_console_down.gif
12-05-14 20:43 tab_console_down.gif
12-05-14 20:43 tab_graphs.gif
12-05-14 20:43 tab_graphs.gif

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.