Linux Log system diagram

Log system Diagram

first map, how, the effect is good, according to personal understanding of the painting, if not the line will be used.

commentary

Syslog is a mechanism in which the wiki says this mechanism can use Udp,tcp,unix sockets to log logs locally or remotely. Liunx has a well-known syslog package, in which the daemon is part of SYSKLOGD (my machine--open SuSE 10.3--is not), it first starts, then launches KLOGD, reads from the kernel or/proc/kmsg, Recorded in the ring buffer, until the user-state daemon syslogd up, then the KLOGD recorded information to the SYSLOGD. Recorded in/var/log/messages. They have a division of labor, SYSLOGD accept user space information, how to record, record what has/etc/syslog.conf configuration. There are two common interfaces, the C interface function is Syslog (), and the Shell interface is the logger command. The fundamental parameter names can be referenced/usr/include/syslog.h KLOGD receive kernel information, recorded in memory, this memory is a cyclic buffer, usually called ring buffer, generally by the kernel function PRINTK () issued, type or emergency has 0-7 digital control, in/usr/include/linux/ There is a definition in kernel.h. Reads the KERNEL.PRINTK designation of the/etc/sysctl.conf when it is turned on, and can write a number designation to/proc/kmsg during the run. Specific information has DMESG command to view. How to come out a syslog-ng, he is the second generation of syslogd, Next generation, is also a daemon. Configuration file/etc/syslog-ng/syslog.conf. Use which one is defined in/etc/sysconfig/syslog's Syslog_daemon. The process is a bit of a prospect. In the shell layer, we often use command logger in the shell. Look at the Logger print statement

1. Logger 123456

The/var/log/message will print

1. Feb 4 00:30:26 Lux root:123456

Print the contents of the file to messages

1. # echo 123456 > tmp
2. # logger-f TMP
3. # tail/var/log/messages

Messages will print

1. Feb 4 00:33:01 Lux logger:123456

Add a custom type

1. Logger-t TTT 123456

The/var/log/message will print

1. Feb 4 00:30:26 Lux ttt:123456

look, their ":" Front if nothing is specified is the user name, if printing from a file is the name of the parent process's command, the designation is of course a custom type. More content Men (man).

Common Commands

W each user in the current system and the process information it is running W.H.O. Each user who is currently logged on Users print out the currently logged on user Finger who is logged in at some time Last All users who have been last logged in AC the time the user entered and exited to connect

Common Log Files

/var/log/boot.log boot process, post /var/log/cron Crond recorded, including user, login time, PID ... /var/log/maillog /var/log/syslog error password, sendmail problem, su command failed to execute in login record ... /var/log/secure /var/log/lastlog /var/log/wtmp /var/log/utmp /var/log/xferlog FTP Session /var/log/kernlog Kernel Messages

Reference Articles

Common Commands http://www.5dlinux.com/article/9/2009/linux_32403.html SYSKLOGD System Logger http://lamp.linux.gov.cn/Linux/sysklogd.html interaction of KLOGD and Syslogd http://hi.baidu.com/bihailan/blog/item/973a1d8f608530e5f11f36a6.html using the Syslog-ng log server on red flags http://tech.ddvip.com/2009-02/1234016033107763_2.html syslog log server erection Strategy http://tech.ddvip.com/2009-02/1234012018107751.html syslog wiki Http://en.wikipedia.org/wiki/Syslog syslog.conf Bilingual http://blog.chinaunix.net/space.php?uid=20422917&do=blog&id=1682944 Logger logrotate http://qubaoquan.blog.51cto.com/1246748/293050 Linux log ins and outs http://bowen.blog.51cto.com/136148/107113

more detailed picture

  

Linux Log system diagram