Log-syslog System Log

Source: Internet
Author: User
Tags fpm php error php error log php script syslog system log
This article lists several log files in the Linux system. and combining the log records in the message, a simple analysis is made. Syslog is the default log daemon for Linux systems. The default Syslog profile is the/etc/sysctl.conf file. Typically, Syslog accepts information from various functions of the system, each of which includes an important level. The/etc/syslog.conf file notifies syslogd how to report information based on device and information importance levels.
So, what are the logs of Linux records?
/var/log/lastlog: Record the last time the user successfully logged in, login IP and other information
/var/log/messages: Log the common system and service error messages for Linux operating systems
/var/log/secure : Linux system security log, record user and workgroup bad situation, user login authentication
/var/log/btmp: Log user, time and remote IP address of Linux login failure
/var/log/cron : Record Crond scheduled task service execution

grep ' Find key field '/var/log/messages|head-n number
grep ' Find key field '/var/log/messages|tail-n number of rows

How to view a log (in message as an example)

Question 1:time wait bucket table overflow Analysis: The reason is more than the number of Linux system TW valve value. Damage is more than the threshold, the system will be redundant time-wait socket removed, and display a warning message, if the NAT network environment and a large number of access, will produce a variety of connections unstable disconnect. According to the error prompts, you need to change the Net.ipv4.tcp_max_tw_buckets kernel parameter. This parameter is the maximum number of timewait sockets that the system maintains at the same time. If this number is exceeded, the time-wait socket is immediately cleared and the warning message is printed. This limitation is only to prevent simple Dos attacks. I have seen the time_wait in my system is produced by PHP-FPM, is a normal phenomenon. Solve:
VI  /etc/sysctl.conf
net.ipv4.tcp_max_tw_buckets = 20000

Related articles: Understanding time_wait, thoroughly understand solve tcp:http://www.itnpc.com/news/web/146163065359633.html solve time_wait problems caused by too much: http:// blog.csdn.net/eroswang/article/details/51141963 "Linux Log" system log and Analysis: http://www.cnblogs.com/yingsong/p/6022181.html

Problem 2:7:28 kernel:php-fpm[18290]: segfault at 7ff56c752268 IP 00007ff56c752268 sp 00007fff18bc1b18 error in zero (delet ed) [7ff56be47000+8000000] Analysis: With backlog configuration, need to understand the department of "Computer network" three times handshake, four wave mechanism. Not too much in this description, find a few articles, detailed interested, you can see the relevant articles below. Solve:
VI  /etc/sysctl.conf
net.ipv4.tcp_max_tw_buckets = 10000

Related article: Nginx php-fpm segfault that thing: http://blog.csdn.net/mengfanzhong/article/details/53012478 php-fpm parameter potential problem: http://blog.csdn.net/willas/article/details/11634825 TCP/IP protocol backlog analysis and settings and TCP state changes: http://www.2cto.com/net/ 201307/224634.html a segfault error in the troubleshooting process: http://blog.csdn.net/zhaohaijie600/article/details/45246569

Summary: So, ask multiple questions can be modified in the sysctl.conf configuration file, as shown in the following figure. But all problems found solution, to combine the current business and machine configuration reasonable adjustment, not indiscriminately modified. Usually have time also can go to production to see the relevant operating system log, there is a better understanding of their own system.
Edit configuration file: vi/etc/sysctl.conf

Other articles reference: Linux syslog detailed: http://www.cnblogs.com/skyofbitbit/p/3674664.html settings sysctl.conf (configuration sysctl.conf file detailed): http:// blog.csdn.net/21aspnet/article/details/6584792 Linux under the syslog usage instructions: http://blog.chinaunix.net/ Uid-25120309-id-3359929.html
System log: Record system related information: http://blog.csdn.net/ty_hf/article/details/55511624 Apache access logs and error logs: http://blog.csdn.net/ty_hf/ article/details/55504719 nginx access log and error log: http://blog.csdn.net/ty_hf/article/details/55518070 php-fpm slow Log : Detect slow PHP script: http://blog.csdn.net/ty_hf/article/details/55504172 PHP error log: Detects PHP run or user logs error log: http:// blog.csdn.net/ty_hf/article/details/55505262 MySQL slow log: Record the performance sql:http://blog.csdn.net/ty_hf/article/in the MySQL server details/55504172
This article address: http://blog.csdn.net/ty_hf/article/details/55511624

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.