Sinsing analysis of logs in Linux

Source: Internet
Author: User
Tags: syslog

Connection (login session) times in Linux are usually recorded in two files, /var/log/wtmp and /var/run/utmp. These two files cannot be viewed directly with cat, and they are updated automatically by the system. To view their contents, use the w, who, finger, id, last, lastlog and ac commands.
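Why cat is of no use on these files, as an added example that is not part of the original article: wtmp and utmp are sequences of fixed-size binary records, which the Python below decodes and pairs into login sessions the way last does. It assumes the 384-byte glibc struct utmp layout of x86-64 Linux; the function names and the sample records are constructed for illustration.

```python
import struct
from datetime import datetime, timezone

# Assumed layout: glibc "struct utmp" on x86-64 Linux, 384 bytes per record.
UTMP = struct.Struct("<hxxi32s4s32s256shhiii16s20x")
TYPES = {1: "RUN_LVL", 2: "BOOT_TIME", 6: "LOGIN_PROCESS", 7: "USER_PROCESS", 8: "DEAD_PROCESS"}

def _text(raw):
    """Fields are NUL-padded C char arrays, so cut at the first NUL."""
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")

def parse_utmp(data):
    """Yield one dict per complete record; a truncated tail is ignored."""
    usable = len(data) - len(data) % UTMP.size
    for off in range(0, usable, UTMP.size):
        (typ, pid, line, _id, user, host,
         _term, _exit, _sess, sec, _usec, _addr) = UTMP.unpack_from(data, off)
        yield {"type": TYPES.get(typ, str(typ)), "pid": pid, "line": _text(line),
               "user": _text(user), "host": _text(host),
               "time": datetime.fromtimestamp(sec, timezone.utc)}

def sessions(records):
    """Pair each USER_PROCESS with the next DEAD_PROCESS on the same tty."""
    open_by_line, done = {}, []
    for r in records:
        if r["type"] == "USER_PROCESS":
            open_by_line[r["line"]] = r
        elif r["type"] == "DEAD_PROCESS" and r["line"] in open_by_line:
            start = open_by_line.pop(r["line"])
            done.append((start["user"], start["line"], start["host"],
                         int((r["time"] - start["time"]).total_seconds())))
    still_in = [(r["user"], r["line"], r["host"], None) for r in open_by_line.values()]
    return done + still_in

def _record(typ, pid, line, user, host, sec):
    """Build one constructed sample record (not real log data)."""
    return UTMP.pack(typ, pid, line.encode(), b"", user.encode(),
                     host.encode(), 0, 0, 0, sec, 0, b"")

# Constructed sample: one closed session, one still open, then a truncated tail.
SAMPLE = (_record(7, 1201, "pts/0", "alice", "192.0.2.10", 1700000000)
          + _record(8, 1201, "pts/0", "", "", 1700000600)
          + _record(7, 1302, "pts/1", "bob", "198.51.100.7", 1700000900)
          + b"\x00" * 10)

if __name__ == "__main__":
    for row in sessions(parse_utmp(SAMPLE)):
        print(row)  # (user, tty, remote host, duration in seconds or None)
```

To run it against a real file, pass the bytes of a copy of /var/log/wtmp to parse_utmp in place of SAMPLE.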

Linux can also keep a process accounting log. Process accounting is very effective for monitoring the commands that users run: when a server has recently been going down for no apparent reason, or files are being deleted for no apparent reason, the process accounting log can be consulted. Use accton /var/account/pacct to turn on process accounting, and use lastcomm to view the process accounting log.

Logging in Linux is managed by a service called syslog, and the syslog service drives many log files. For example, /var/log/lastlog records the time and IP information of each user's last successful login; /var/log/messages holds the common system and service error messages of the Linux operating system; /var/log/secure is the Linux system security log, recording user and group changes and user login authentication information; /var/log/btmp records the user, time and remote IP address of failed Linux logins; and /var/log/cron records the execution of scheduled tasks.

The syslog service is controlled by two important configuration files: the main configuration file /etc/syslog.conf and the secondary configuration file /etc/sysconfig/syslog. The startup script is /etc/init.d/syslog.

After a system has been running for some time, its log files grow with time and with the number of accesses. When the log files grow beyond what the system can handle, overall system performance suffers. Log rotation (dumps) can be set to yearly, monthly, weekly, size-based, and so on.

On Linux, logrotate is commonly used for log rotation. Combined with a cron scheduled task, it makes rotating log files easy. The rotation settings are controlled by the /etc/logrotate.conf configuration file.
