Some explanations of Linux system logs

Linux system logs

content in the 1.cat/etc/logrotate.conf file ( Dump = = Archive)

# see ' Man logrotate ' for details

# Rotate log Files Weekly

Weekly//= Cut once a week

# Keep 4 weeks worth of backlogs

Rotate 4//After cutting, we retain up to 4 files (under/var/log/)

# Create new (empty) log files after rotating old ones

Create//Generate a new log file (it is created when the file is not stored after dumping)

# Use date as a suffix of the rotated file

Dateext//reserved Four files, suffixes are named in the format of a date

# Uncomment this if you want your log files compressed

#compress//Compressed log file, commented out means not compressed

# RPM Packages Drop log rotation information into this directory

INCLUDE/ETC/LOGROTATE.D //In our/ETC/LOGROTATE.D directory there are many such configuration files (other log dumps, included in this directory)

# no packages own wtmp and btmp--we ' ll rotate them here

/var/log/wtmp {//dump configuration about WTMP

Monthly//Monthly archive

Create 0664 root utmp//0664 for permissions, Root is owner, group is utmp

MinSize 1M//The smallest size is 1 trillion, if less than 1 trillion, we do not cut

Rotate 1//reserved only one, backup

}

/var/log/btmp {

Missingok

Monthly

Create 0600 Root utmp

Rotate 1

}

# system-specific logs May is also is configured here.

Content in the 2.cat/etc/logrotate.d/syslog file

/var/log/cron

/var/log/maillog

/var/log/messages

/var/log/secure

/var/log/spooler

{

sharedscripts//This means that we can use some of the commands in this cutting configuration file .

Postrotate//Indicates some of the operations performed after the cut is completed

/bin/kill-hup ' cat/var/run/syslogd.pid 2>/dev/null ' 2>/dev/null | | true

The command means: Regenerate a new log

Endscript

}

3. The most important log files to view

/var/log/messages (can be viewed with cat commands)

/var/log/wtmp (cannot be viewed directly with the cat command, using the Last view, actually the last call of the file is the/var/log/wtmp file)

/var/log/btmp (similar to wtmp, except that it looks at invalid login history and is viewed with lastb )

/var/log/maillog//Email-related

/var/log/secure//Normal or failed login it is recorded in the log file

/VAR/LOG/DMESG//This log saves some hardware-related logs (for example: disk, NIC, USB) during the boot process of our system

We also have an order DMESG, this command check to see the/VAR/LOG/DMESG file is not necessarily the same, DMESG to see the real-time log, and the/var/log file is our system startup process recorded in some of the logs, they are not the same

DMESG: helps us to get information about hardware errors (if your network card fails, or if your disk is read-only, you can use DMESG to view and get useful information

Extension questions:

The syntax for the Logger command is:

Logger [-i] [-f filename] [-p priority] [-t tag] [message ...]

Options Description

-f filename takes the contents of the filename file as a log

-I each row records the ID of the logger process  

-P priority specifies precedence, priority must be shaped like facility.priority a complete selector with the default priority of User.notice.

-T tag marks each record line with the specified label.

Message the log content to write, with multiple logs separated by spaces, such as

The log content is not specified, and the-f filename option is

NULL, then the standard input is used as the log content.

Ping 172.21.125.244 | Logger-it jin-p Local3.notice &

(Default write in/var/log/messages file, CentOS 6.8 version)

What you want to see is this: Tail-f/var/log/messages

This article from the "11842333" blog, reproduced please contact the author!

Some explanations of Linux system logs