Linux Learning-Log management

Source: Internet
Author: User
Tags rsyslog dmesg

1 OK start rsyslogd service

  PS aux | grep rsyslogd See if the service is started

  chkconfig--list | grep rsyslog See if the service is self-booting

2 The role of common logs
log file description
/var/log/cron System timer task related log
/var/log/cups print Infolog
/var/log/dmesg

System boot-time kernel self-test information,

can also be directly viewed with the DMESG command

/V Ar/log/btmp

Error logging

Binaries, using the LASTB command to view

/var/log/lastlog

User last Login time log

Binary file, use Lastlog command to view

/var/log/mailog Mail information
/var/log/message system Critical Information log
/var/log/secure record authentication and authorization information
/var/log/wtmp

Log all user login and logoff information while recording system startup, restart, shutdown events

Binaries, using the last command to view

/var/run/utmp

Record user information that is currently logged

Use W, who, users, and more to query

Note: In addition to the system default logs, System services installed in RPM will also default to logging in the/var/log/directory. However, these logs are not recorded and managed by the RSYSLOGD service, but each service uses its own log management documentation to log itself.

Second, RSYSLOGD Log service 1st Journal file format

    Time the event was generated

The server host name of the event that occurred

The service name or program name that generated the event

Specific information about the event

2/etc/rsyslog.conf configuration file

  

Format: service name [connection symbol] Log level log record location

Service Name Description
Auth Security and certification related information (deprecated, authpriv substitution)
Authpriv Security and certification related information (private)
Cron System timed tasks Cront and at-generated logs
Daemon Logs related to each daemon
Ftp Log generated by the FTP daemon
Kern Log generated by the kernel (not generated by user processes)
Local10-local7 Services reserved for local use
Lpr Print the resulting log
Mail Send and receive messages
News News server-related logs
Syslog Log information generated by the SYSLOGD service
User Log information for the user level category
Uucp Log information for the UUCP subsystem

Connection symbols Description
. Represents as long as the log that is higher than the subsequent level is recorded
.= Represents only the log of the required level
.! Represents other levels of logs, except for the level of logs, which are recorded

Note: ". *" means all logs

  

Log level Description
Debug General Instructions for debugging information
Info Basic notification Information
Notice General information, but it is of some importance
Warning Warning message, but does not affect the operation of the service or system
Err Error messages, which generally reach the err level can affect the operation of the service or system
Crit Critical condition information, more severe than err
Alert Warning status information, more serious than crit, must take immediate action
Emerg Pain level information, system is no longer available

Third, the log rotation

1st log file naming rules

If you have the "Dateext" parameter in the configuration file, the log is named by date, such as "secure-20180310"

If there is no "dateext" parameter in the configuration file, the log is named, such as "Secure.1"

Linux Learning-Log management

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.