95992828九五至尊2

日记管理有关文化882828九五至尊手机版,壹起来学linux

四月 2nd, 2019  |  882828九五至尊手机版

在管制体系在那之中,日常会遇见种种种种的荒谬和特别。要找到那些错误和丰裕,就须要各类日志来增加接济定位问题了。linux的日记都以存放在在/var/log这几个文件夹上面,常见的日志文件有如下三种;
/var/log/cron:  记录crontab调度是或不是正规运作
/var/log/dmesg: 记录开头的时候基本检查评定进度中发出的种种音信
/var/log/lastlog:能够记下系统方面装有帐号近年来一遍登六系统时的连带新闻。那一个文件不恐怕用cat命令来读取,不过lastlog命令能够读取这几个文件
/var/log/maillog: 记录邮件相关音信
/var/log/messages:大约系统产生的错误音信都会记录在这几个文件在那之中。当系统一发布出不可捉摸的不当时,那个文件是必供给查看的
/var/log/secure:
只要牵涉到须要输入帐号密码的软件,登六的时候都会被记录在此文件中。例如网络协同的ssh,telnet等主次
/var/log/wtmp:记录正确登陆系统者的账户音信与错误登陆时所运用的账户消息
这边我们用lastlog来看下日志的格式:能够看到登陆用户名,使用的极端已经登25日期。
root@zhf-linux:/var/log# lastlog | grep root
root             tty1                      Wed Jul 26 12:27:16 +0800
2017

日记管理相关知识

那正是说怎么样服务的怎么阶段音讯以及要求被记录在哪儿是由哪个人规定的。那就要用到syslog的布署文件。有个别Linux系统是记录在/etc/syslog.conf。但在ubuntun中配置文件是在/etc/rsyslog.conf。
rsyslog.conf的运用格式如下
格式::
日志设备(类型).(连接符号)日志级别   日志处理方式(action)
日记设备(能够知晓为日志类型):
———————————————————————-
auth –pam发生的日志
authpriv ssh,ftp等登录消息的申明音信
cron –时间职务相关
kern –内核
lpr –打印
mail –邮件
mark(syslog)–rsyslog服务中间的信息,时间标识
news –新闻组
user –用户程序爆发的相关新闻
uucp –unix to unix copy, unix主机之间相关的通信
local 1~七  –自定义的日记设备
日志级别:
———————————————————————-
debug –有调式新闻的,日志信息最多
info –1般音讯的日记,最常用
notice –最富有非常重要的平日条件的新闻
warning  –警告级别
err  –错误级别,阻止有个别功能照旧模块不能够平常干活的消息
crit –严重级别,阻止整个类别或许全体软件不可能符合规律工作的新闻
alert  –须求及时修改的消息
emerg  –内核崩溃等严重消息
none –什么都不记录

 

举多少个例子来看下:
1固然小编要将mail相关的数量都写入到/var/log/maillog中。那么在rsyslog.conf中应该加上如下
mail.info     /var/log/maillog
二借使自个儿要将news以及cron的音讯都写入到1个称为/var/log/cronnews的文本中,可是五个程序的警示音讯则额外的笔录在/var/log/cronnews.warn中,则应该加上如下:
news.*;cron.*          /var/log/cronnews
news.=warn;cron.=warn    /var/log/cronnews.warn
内部.=代表所急需的阶段就是前面接的等级而已,别的的不用
.!代表不对等,及是除了该等级外的别样阶段都记录

壹 日志相关文件

有几许急需留意的是对此日记文件,假若用VIM打开它,离开却执行:wq的参数,那么该公文现在将不会在继承日志操作,除非重新开动rsyslog。
/etc/init.d/rsyslog restart

[plain] 

在/var/log文件中大家平时看看如下的公文。dpkg.log.一,dpkg.log.2。这几个由于logrotate的原因。由于日记向来在不停的笔录,文件会愈加大,那么这么会影响到系统的运作,因此logrorate正是将旧的日记文件更改名称,然后新建贰个空的日志文件。然后旧的记录保留壹段时间就删除掉。那样就足以节约很多硬盘空间。
-rw-r–r–  1 root              root        0 Sep  3 14:04 dpkg.log
-rw-r–r–  1 root              root   161993 Aug 27 15:14 dpkg.log.1
-rw-r–r–  1 root              root    98629 Nov 30  2015
dpkg.log.10.gz
-rw-r–r–  1 root              root   177381 Jul 30 15:26
dpkg.log.2.gz
-rw-r–r–  1 root              root    23074 Jul 26 10:16
dpkg.log.3.gz
-rw-r–r–  1 root              root      224 Oct  9  2016
dpkg.log.4.gz
-rw-r–r–  1 root              root     2861 Sep 27  2016
dpkg.log.5.gz
-rw-r–r–  1 root              root      335 Jun 14  2016
dpkg.log.6.gz
-rw-r–r–  1 root              root     1011 May 23  2016
dpkg.log.7.gz
-rw-r–r–  1 root              root      221 May  7  2016
dpkg.log.8.gz
-rw-r–r–  1 root              root     2206 Dec  1  2015
dpkg.log.9.gz
那即是说logrotate的干活机制是何等定义的吧,这么些都记录在/etc/logrotate.conf里面
# rotate log files weekly   周周对日记举行1回rotate的动作
weekly

#很关键  

# use the syslog group by default, since this is the owning group
# of /var/log/syslog.
su root syslog

[[email protected]
~]# ls /var/log/  

# keep 四 weeks worth of backlogs   只保留几个日志文件
rotate 4

anaconda.ifcfg.log    anaconda.xlog      btmp           dmesg      
maillog            secure            wtmp  

# create new (empty) log files after rotating old ones
create       日志文件被重命名,因而新建1个来持续存款和储蓄

anaconda.log          anaconda.yum.log   btmp-20130805  dmesg.old
 maillog-20130805  secure-20130805   yum.log  

# uncomment this if you want your log files compressed   
被涂改的日记是不是须求减弱
#compress
比如针对/var/log/wtmp的文件,设置如下
/var/log/wtmp {
    missingok
    monthly
    create 0664 root utmp
    rotate 1
}

anaconda.program.log  audit              ConsoleKit     dracut.log
messages           spooler  

唯独现实况况是我们有无数劳动都在系统方面,各样服务都亟需去修改/etc/logrotate.conf文件也挺复杂的。所以需求单独独立出来多个索引,各种服务独立二个文书,并且放置到/etc/logrotate.d个中就可以了
root@zhf-linux:/etc/logrotate.d# ls -al
total 64
drwxr-xr-x   2 root root  4096 Aug 21 11:32 .
drwxr-xr-x 147 root root 12288 Sep 21 21:55 ..
-rw-r–r–   1 root root   126 May 16  2015 apport
-rw-r–r–   1 root root   173 Apr 10  2014 apt
-rw-r–r–   1 root root   181 Feb 13  2016 cups-daemon
-rw-r–r–   1 root root   232 Mar  7  2014 dpkg
-rw-r–r–   1 root root   125 Apr  1  2017 lightdm
-rw-r–r–   1 root root   157 Jul 15  2014 pm-utils
-rw-r–r–   1 root root    94 Apr 22  2015 ppp
-rw-r–r–   1 root root   515 Feb  3  2016 rsyslog
-rw-r–r–   1 root root   513 Feb 19  2014 speech-dispatcher
-rw-r–r–   1 root root   178 Aug  7  2014 ufw
-rw-r–r–   1 root root   235 Feb 19  2016 unattended-upgrades
-rw-r–r–   1 root root   122 Apr 12  2014 upstart
比世尊看下rsyslog的装置。
root@zhf-linux:/etc/logrotate.d# cat rsyslog
/var/log/syslog
{
    rotate 7
    daily
    missingok
    notifempty
    delaycompress
    compress
    postrotate
        invoke-rc.d rsyslog rotate > /dev/null
    endscript
}
中间postrotate代表的意味是在做完logrotate之后运营的指令。prerotate代表的意思是在logrotate在此之前的通令。
譬如假如大家想将/var/log/syslog文件在rotate后装置为只可以为扩充的属性。能够这么写
postrotate
/usr/bin/chattr +a /var/log/syslog
endscript

anaconda.storage.log  boot.log           cron          httpd      
messages-20130805  spooler-20130805  

1旦布署文件都OK了,可以用logrotate命令来测试设置是否行得通。
Logrorate -vf logfile
-v: 运行呈现情势,会来得logrotate运营的进程
-f:不论是还是不是适合配置文件的数额,强制每种文件都开始展览rotate的操作

anaconda.syslog       boot.log-20130805  cron-20130805 lastlog     rhsm
              tallylog  

   

#最首要日志,超越六一%记下在内部  

[[email protected]
~]# ls /var/log/messages  

/var/log/messages  

        

#系统运转,硬件相关日志  

[[email protected]
~]# ls /var/log/dmesg*  

/var/log/dmesg  /var/log/dmesg.old  

   

#登录平安相关日志  

[[email protected]
~]# ls /var/log/secure  

/var/log/secure  

   

#动用ssh登录,输入错误密码  

[[email protected]
opt]# ssh 192.168.1.11  

[email protected]‘s
password:  

Permission denied, please try again.  

[email protected]‘s
password:  

Permission denied, please try again.  

   

#监督文件,能够观察刚才输入的失实密码已经记录下来了  

[[email protected]
~]# tail -f /var/log/secure  

[[email protected]
~]# tail -n 4/var/log/secure  

Aug 5 14:46:13 client01 sshd[2796]: pam_unix(sshd:auth):
authenticationfailure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=192.168.1.1  user=root  

Aug 5 14:46:15 client01 sshd[2796]: Failed password for root
from192.168.1.1 port 50116 ssh2  

Aug 5 14:46:23 client01 unix_chkpwd[2800]: password check failed for
user(root)  

Aug 5 14:46:25 client01 sshd[2796]: Failed password for root
from192.168.1.1 port 50116 ssh2  

   

#邮件相关日志  

[[email protected]
opt]# ls /var/log/maillog  

/var/log/maillog  

   

#登录新闻日志  

[[email protected]
~]# ls /var/log/lastlog  

#末段登录的消息  

[[email protected]
~]# ls /var/log/lastlog  

/var/log/lastlog  

[[email protected]
~]# last  

#末尾登录错误的新闻  

[[email protected]
~]# lastb  

   

#SELINUX相关日志  

[[email protected]
~]# ls /var/log/audit/  

audit.log  

   

[[email protected]
~]# ls /var/log/maillog*  

/var/log/maillog  /var/log/maillog-20130805  

#事先日志的备份,二个礼拜切换二回,会活动备份  

maillog-20130805  

   

[[email protected]
0805]# ls /var/log/maillog*  

/var/log/maillog  /var/log/maillog-20130729  /var/log/maillog-20130805  

[[email protected]
0805]# ls /var/log/boot.log*  

/var/log/boot.log  /var/log/boot.log-20130729
 /var/log/boot.log-20130805  

 

2 日志相关服务

[plain] 

[[email protected]
~]# ps -ef|grep log  

#系统日志服务  

root      959     1  0 08:49 ?        00:00:00 /sbin/rsyslogd -c 4  

root     1133     1  0 08:49 ?        00:00:00 login — root      

root     2811  2776  0 14:54 pts/0    00:00:00 grep log  

   

[[email protected]
~]# /etc/init.d/rsyslogrestart  

Shutting down system logger:                               [  OK  ]  

Starting system logger:                                    [  OK  ]  

   

   

#rsyslog:日志记录的任务,钦命输出文件  

#日记级别:Debug Warning  

 

叁 实验:日志转移(一台机器的日志备份到另1台机械)

 

client01:

[plain] 

[[email protected]
~]# ls /etc/*log*  

/etc/csh.login  /etc/login.defs  /etc/logrotate.conf  /etc/rsyslog.conf
 

   

/etc/logrotate.d:  

dracut httpd  subscription-manager  syslog up2date  yum  

[[email protected]
~]# ls /etc/rsyslog.conf  

/etc/rsyslog.conf  

[[email protected]
~]# vim /etc/rsyslog.conf  

   

#模块:达成有些意义的顺序  

   

#不要急着写,帮衬异步写。等到个其他时候才写,延迟写(负号的意思)  

-/var/log/maillog  

   

#修改文件  

[[email protected]
~]# vim /etc/rsyslog.conf  

   

[[email protected]
~]# grep “hongyi”/etc/rsyslog.conf -n  

60:local3.*                                      /var/log/hongyi.log  

#重启服务  

[[email protected]
~]# /etc/init.d/rsyslogrestart  

Shutting down system logger:                               [  OK  ]  

Starting system logger:                                    [  OK  ]  

#能够查阅到生成了这么些文件  

[[email protected]
~]# ls /var/log/hongyi.log  

/var/log/hongyi.log  

#写日志  

[[email protected]
~]# logger -p”local3.info” “this is test”  

[[email protected]
~]# cat /var/log/hongyi.log  

Aug 5 15:17:00 client01 root: this is test  

#咱俩写local二.info,发现并未记录  

[[email protected]
~]# logger -p”local2.info” “this is test”  

[[email protected]
~]# cat /var/log/hongyi.log  

Aug 5 15:17:00 client01 root: this is test  

   

[[email protected]
~]# logger –help  

logger: invalid option — ‘-‘  

usage: logger [-is] [-f file] [-p pri] [-ttag] [-u socket] [
message … ]  

   

#性能  

   

#壹台机器上的文本保留到另1台机械上  

[[email protected]
~]# grep “UDP” /etc/rsyslog.conf  -n -A1  

12:# Provides UDP syslog reception  

13-$ModLoad imudp.so  

14:$UDPServerRun 514  

15-  

[[email protected]
~]# grep “local3.*”/etc/rsyslog.conf  -n  

59:local3.*                                      /tmp/up.log  

[[email protected]
0805]# man rsyslog.conf  

 

serv01:

[plain] 

#rsyslog.conf做如下配置  

[[email protected]
~]# grep local3/etc/rsyslog.conf -n  

#192.168.1.12是serv02的IP  

#@:UDP 服务  

#@@:TCP服务  

60:local3.*     @192.168.1.12  

#重启服务  

[[email protected]
~]# /etc/init.d/rsyslogrestart  

Shutting down system logger:                               [  OK  ]  

Starting system logger:                                    [  OK  ]  

#Serv02配置完后,输出日志到第一台机械  

[[email protected]
~]# logger -p”local3.info” “hello,world”  

 

serv02:

[plain] 

#rsyslog.conf文件做如下配置  

[[email protected]
~]# cat -n/etc/rsyslog.conf|sed “8,9p;/local3/p”  -n  

    8  $ModLoad imuxsock.so    # provides support for local system
logging(e.g. via logger command)  

    9  $ModLoad imklog.so # provides kernel logging support
(previouslydone by rklogd)  

59   local3.*     /tmp/up.log  

#重启服务  

[[email protected]
~]# /etc/init.d/rsyslogrestart  

Shutting down system logger:                               [  OK  ]  

Starting system logger:                                    [  OK  ]  

#翻开文件能够看来  

[[email protected]
~]# cat /tmp/up.log  

Aug 5 15:31:38 serv01 root: hello,world  

   

#日记备份  

 

四 定时布署职分

[plain] 

[[email protected]
~]# yum install at -y  

[[email protected]
~]# at now +3 minutes  

at> echo “hello,wolrd” >/opt/aa01.txt  

at> <EOT>  

job 2 at 2013-08-05 16:20  

Can’t open /var/run/atd.pid to signal atd.No atd running?  

[[email protected]
~]# /etc/init.d/atd start  

Starting atd:                                              [  OK  ]  

#争持当前岁月  

[[email protected]
~]# at now +3 minutes  

at> echo “hello,wolrd” >/opt/aa01.txt  

at> <EOT>  

job 3 at 2013-08-05 16:21  

[[email protected]
~]# at -l  

3     2013-08-0516:21 a root:    

2     2013-08-0516:20 a root  

[email protected]
opt]# ll  

total 20  

-rw-r–r–. 1 root root    12 Aug 5 16:20 aa01.txt  

drwx——. 2 root root 16384 Jul 23 00:54lost+found  

   

#帮助秒钟 小时 天  

[[email protected]
~]# at now +1 days  

   

   

[[email protected]
opt]# at 16:28 08/05/2013  

at> echo “hello,uplooking”> /opt/aa02.txt  

at> <EOT>  

job 4 at 2013-08-05 16:28  

[[email protected]
opt]# at -l  

4     2013-08-0516:28 a root  

   

[[email protected]
opt]# at 18:20 08/06/2013  

at> rm -rf /*<EOT>  

job 5 at 2013-08-06 18:20  

[[email protected]
opt]# at -l  

5     2013-08-0618:20 a root  

4     2013-08-0516:28 a root  

   

[[email protected]
opt]# at –help  

at: invalid option — ‘-‘  

Usage: at [-V] [-q x] [-f file] [-mldbv]time  

      at -c job …  

      atq [-V] [-q x]  

      atrm [-V] job …  

      batch  

#移除  

[[email protected]
opt]# atrm 5  

#列出详细的任务  

[[email protected]
opt]# at -l  

4     2013-08-0516:28 a root  

   

#进行完后自行清除,本次有效  

   

#crontab:循环有效  

[[email protected]
opt]# vim /etc/crontab  

   ** * * * echo `date` >> /opt/aa03.txt  

#加上规则  

[[email protected]
opt]# crontab -e  

no crontab for root – using an empty one  

crontab: installing new crontab  

   

30 18 * * * init 0  

1 */2 10-20 7,8 5 wall “Have aholiday”  

#列出富有的天职  

[[email protected]
opt]# crontab -l  

* * * * * echo `date` >>/opt/aa03.txt  

30 18 * * * init 0  

[[email protected]
opt]# crontab –help  

crontab: invalid option — ‘-‘  

crontab: usage error: unrecognized option  

usage:    crontab[-u user] file  

       crontab[-u user] [ -e | -l | -r ]  

              (defaultoperation is replace, per 1003.2)  

       -e    (edit user’s crontab)  

       -l     (list user’s crontab)  

       -r    (delete user’s crontab)  

       -i     (prompt before deleting user’s crontab)  

       -s    (selinux context)  

   

#查阅编写的文件  

[[email protected]
opt]# cd /var/spool/  

[[email protected]
spool]# ls  

anacron at  cron  lpd mail  plymouth  postfix up2date  

[[email protected]
spool]# cd cron/  

[[email protected]
cron]# ll  

total 4  

-rw——-. 1 root root 58 Aug  5 16:37 root  

[[email protected]
cron]# cat root  

* * * * * echo `date` >>/opt/aa03.txt  

30 18 * * * init 0  

[[email protected]
cron]# cd /etc/cron.  

cron.d/       cron.daily/   cron.deny    cron.hourly/
 cron.monthly/cron.weekly/  

        

#每一天执行的  

[[email protected]
cron]# cat/etc/cron.d/0hourly  

SHELL=/bin/bash  

PATH=/sbin:/bin:/usr/sbin:/usr/bin  

MAILTO=root  

HOME=/  

01 * * * * root run-parts /etc/cron.hourly  

   

#各样小时实施的  

[[email protected]
cron]# cat/etc/cron.hourly/0anacron  

#!/bin/bash  

#in case file doesn’t exist  

if test -r /var/spool/anacron/cron.daily;then  

   day=`cat /var/spool/anacron/cron.daily`  

fi  

if [ `date +%Y%m%d` = “$day” ];then  

   exit 0;  

fi  

   

# in case anacron is already running,  

# there will be log (daemon won’t berunning twice).  

if test -x /usr/bin/on_ac_power; then  

   /usr/bin/on_ac_power &> /dev/null  

   if test $? -eq 1; then  

   exit 0  

   fi  

fi  

/usr/sbin/anacron -s  

   

#查看天天实施的布署文件  

[[email protected]
cron]# cat/etc/cron.daily/logrotate  

#!/bin/sh  

   

/usr/sbin/logrotate /etc/logrotate.conf>/dev/null 2>&1  

EXITVALUE=$?  

if [ $EXITVALUE != 0 ]; then  

   /usr/bin/logger -t logrotate “ALERT exited abnormally
with[$EXITVALUE]”  

fi  

exit 0  

   

#翻看syslog文件,能够看出日志的创始过程  

[[email protected]
logrotate.d]# cat syslog  

/var/log/messages /var/log/secure/var/log/maillog /var/log/spooler
/var/log/boot.log /var/log/cron {  

   sharedscripts  

   postrotate  

       /bin/kill-HUP `cat /var/run/syslogd.pid 2> /dev/null` 2>
/dev/null || true  

   endscript  

}  

   

#可以对日记的有关文书举办布署  

[[email protected]
cron]# cat/etc/logrotate.conf  

# see “man logrotate” for details  

# rotate log files weekly  

weekly  

   

# keep 4 weeks worth of backlogs  

rotate 4  

   

# create new (empty) log files afterrotating old ones  

create  

   

# use date as a suffix of the rotated file  

dateext  

   

# uncomment this if you want your log filescompressed  

#compress  

   

# RPM packages drop log rotationinformation into this directory  

include /etc/logrotate.d  

   

# no packages own wtmp and btmp — we’llrotate them here  

/var/log/wtmp {  

   monthly  

   create 0664 root utmp  

       minsize1M  

   rotate 1  

}  

   

/var/log/btmp {  

   missingok  

   monthly  

   create 0600 root utmp  

   rotate 1  

}  

   

# system-specific logs may be also beconfigured here.  

 

伍 模拟日志文件的正片

[plain] 

#从man中进行出现说法的拷贝  

[[email protected]
logrotate.d]# manlogrotate.conf  

   

#编写制定文件  

[[email protected]
logrotate.d]# vim/etc/logrotate.conf  

[[email protected]
logrotate.d]# cat/etc/logrotate.conf  

/opt/hongyi.log {  

   monthly  

   rotate 2  

   olddir /opt/old  

   missingok  

   create 0600 root hongyi  

   nocompress  

}  

#创立用户  

[[email protected]
logrotate.d]# useradd hongyi  

#创造目录  

[[email protected]
logrotate.d]# mkdir /opt/old  

#开创文件  

[[email protected]
logrotate.d]# touch/opt/hongyi.log  

#编写制定文件  

[[email protected]
logrotate.d]# vim/opt/hongyi.log  

[[email protected]
logrotate.d]# ls /opt  

aa03.txt hongyi.log  old  

   

[[email protected]
logrotate.d]# logrotate–help  

Usage: logrotate [OPTION…]<configfile>  

  -d,–debug               Don’t do anything,just test (implies -v)  

  -f,–force               Force file rotation  

  -m,–mail=command        Command to sendmail (instead of `/bin/mail’)
 

  -s,–state=statefile     Path of state file  

  -v,–verbose             Display messagesduring rotation  

   

Help options:  

  -?,–help                Show this helpmessage  

 —usage                   Displaybrief usage message  

#强制使配置文件生效  

[[email protected]
logrotate.d]# logrotate -f/etc/logrotate.conf  

[[email protected]
logrotate.d]# ls /opt  

aa03.txt hongyi.log  old  

#能够见见已经成形了文本  

[[email protected]
logrotate.d]# ls /opt/old/  

hongyi.log-20130805  

#日志轮寻  

#日记切换  

   

[[email protected]
~]# ls /etc/cron.d  

cron.d/    cron.daily/ cron.deny  

#翻看每一日切换的   

[[email protected]
~]# ls /etc/cron.daily/  

logrotate makewhatis.cron  rhsm-complianced  

[[email protected]
~]# cat/etc/cron.daily/logrotate  

#!/bin/sh  

   

/usr/sbin/logrotate /etc/logrotate.conf>/dev/null 2>&1  

EXITVALUE=$?  

if [ $EXITVALUE != 0 ]; then  

   /usr/bin/logger -t logrotate “ALERT exited abnormally
with[$EXITVALUE]”  

fi  

exit 0  

[[email protected]
~]# cat /etc/logrotate.conf  

# see “man logrotate” for details  

# rotate log files weekly  

weekly  

   

# keep 4 weeks worth of backlogs  

rotate 4  

   

# create new (empty) log files afterrotating old ones  

create  

   

# use date as a suffix of the rotated file  

dateext  

   

# uncomment this if you want your log filescompressed  

#compress  

   

# RPM packages drop log rotationinformation into this directory  

include /etc/logrotate.d  

   

# no packages own wtmp and btmp — we’llrotate them here  

/var/log/wtmp {  

   monthly  

   create 0664 root utmp  

       minsize1M  

   rotate 1  

882828九五至尊手机版,}  

   

/var/log/btmp {  

   missingok  

   monthly  

   create 0600 root utmp  

   rotate 1  

}  

   

/opt/hongyi.log {  

   monthly  

   rotate 2  

   olddir /opt/old  

   missingok  

   create 0600 root hongyi  

   nocompress  

}  

   

# system-specific logs may be also beconfigured here.  

[[email protected]
~]# cd /etc/lo  

localtime       login.defs      logrotate.conf  logrotate.d/     

[[email protected]
~]# cd /etc/logrotate.d/  

[[email protected]
logrotate.d]# ll  

total 24  

-rw-r–r–. 1 root root 103 Apr 27  2011 dracut  

-rw-r–r–. 1 root root 185 Jun 24  2010 httpd  

-rw-r–r–. 1 root root  71 May 5  2011 subscription-manager  

-rw-r–r–. 1 root root 228 May 20  2009 syslog  

-rw-r–r–. 1 root root  32 Apr 8  2010 up2date  

-rw-r–r–. 1 root root 100 Apr 29  2011 yum  

   

#次第切换 日志切换  

#日志:很重要  

        

#安装日期  

[[email protected]
opt]# date -s”2013-08-07″  

Wed Aug 7 00:00:00 CST 2013  

#强制使文件生效,v展现进程  

[[email protected]
opt]# logrotate -fv/etc/logrotate.conf  

reading config file /etc/logrotate.conf  

including /etc/logrotate.d  

reading config file dracut  

reading config info for /var/log/dracut.log  

reading config file httpd  

reading config info for /var/log/httpd/*log  

reading config file subscription-manager  

reading config info for /var/log/rhsm/*.log  

reading config file syslog  

reading config info for /var/log/messages/var/log/secure
/var/log/maillog /var/log/spooler /var/log/boot.log/var/log/cron  

reading config file up2date  

reading config info for /var/log/up2date  

reading config file yum  

reading config info for /var/log/yum.log  

reading config info for /var/log/wtmp  

reading config info for /var/log/btmp  

reading config info for /opt/hongyi.log  

olddir is now /opt/old  

   

Handling 9 logs  

   

rotating pattern: /var/log/dracut.log  forced from command line (4
rotations)  

empty log files are not rotated, old logsare removed  

considering log /var/log/dracut.log  

  logdoes not need rotating  

   

rotating pattern: /var/log/httpd/*log  forced from command line (4
rotations)  

empty log files are not rotated, old logsare removed  

considering log /var/log/httpd/access_log  

  logdoes not need rotating  

considering log /var/log/httpd/error_log  

  logdoes not need rotating  

not running postrotate script, since nologs were rotated  

   

rotating pattern: /var/log/rhsm/*.log  forced from command line (4
rotations)  

empty log files are not rotated, old logsare removed  

considering log /var/log/rhsm/rhsmcertd.log  

  logdoes not need rotating  

considering log /var/log/rhsm/rhsm.log  

  logdoes not need rotating  

   

rotating pattern: /var/log/messages/var/log/secure /var/log/maillog
/var/log/spooler /var/log/boot.log/var/log/cron  forced from command
line(4 rotations)  

empty log files are rotated, old logs areremoved  

considering log /var/log/messages  

  logneeds rotating  

considering log /var/log/secure  

  logneeds rotating  

considering log /var/log/maillog  

  logneeds rotating  

considering log /var/log/spooler  

  logneeds rotating  

considering log /var/log/boot.log  

  logneeds rotating  

considering log /var/log/cron  

  logneeds rotating  

rotating log /var/log/messages,log->rotateCount is 4  

dateext suffix ‘-20130807’  

glob pattern ‘-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

rotating log /var/log/secure,log->rotateCount is 4  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

rotating log /var/log/maillog,log->rotateCount is 4  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

rotating log /var/log/spooler,log->rotateCount is 4  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

rotating log /var/log/boot.log,log->rotateCount is 4  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

rotating log /var/log/cron,log->rotateCount is 4  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

fscreate context set to system_u:object_r:var_log_t:s0  

renaming /var/log/messages to/var/log/messages-20130807  

creating new /var/log/messages mode = 0600uid = 0 gid = 0  

fscreate context set tosystem_u:object_r:var_log_t:s0  

renaming /var/log/secure to/var/log/secure-20130807  

creating new /var/log/secure mode = 0600uid = 0 gid = 0  

fscreate context set tosystem_u:object_r:var_log_t:s0  

renaming /var/log/maillog to/var/log/maillog-20130807  

creating new /var/log/maillog mode = 0600uid = 0 gid = 0  

fscreate context set tosystem_u:object_r:var_log_t:s0  

renaming /var/log/spooler to/var/log/spooler-20130807  

creating new /var/log/spooler mode = 0600uid = 0 gid = 0  

fscreate context set tosystem_u:object_r:var_log_t:s0  

renaming /var/log/boot.log to/var/log/boot.log-20130807  

creating new /var/log/boot.log mode = 0644uid = 0 gid = 0  

fscreate context set tosystem_u:object_r:var_log_t:s0  

renaming /var/log/cron to/var/log/cron-20130807  

creating new /var/log/cron mode = 0600 uid= 0 gid = 0  

running postrotate script  

   

rotating pattern: /var/log/up2date  forced from command line (4
rotations)  

empty log files are rotated, old logs areremoved  

considering log /var/log/up2date  

  log/var/log/up2date does not exist — skipping  

   

rotating pattern: /var/log/yum.log  forced from command line (4
rotations)  

empty log files are not rotated, old logsare removed  

considering log /var/log/yum.log  

  logdoes not need rotating  

   

rotating pattern: /var/log/wtmp  forced from command line (1 rotations)
 

empty log files are rotated, only log files>= 1048576 bytes are
rotated, old logs are removed  

considering log /var/log/wtmp  

  logneeds rotating  

rotating log /var/log/wtmp,log->rotateCount is 1  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

fscreate context set to system_u:object_r:wtmp_t:s0  

renaming /var/log/wtmp to/var/log/wtmp-20130807  

creating new /var/log/wtmp mode = 0664 uid= 0 gid = 22  

removing old log /var/log/wtmp-20130806  

   

rotating pattern: /var/log/btmp  forced from command line (1 rotations)
 

empty log files are rotated, old logs areremoved  

considering log /var/log/btmp  

  logneeds rotating  

rotating log /var/log/btmp,log->rotateCount is 1  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

fscreate context set to system_u:object_r:faillog_t:s0  

renaming /var/log/btmp to/var/log/btmp-20130807  

creating new /var/log/btmp mode = 0600 uid= 0 gid = 22  

removing old log /var/log/btmp-20130806  

   

rotating pattern: /opt/hongyi.log  forced from command line (2
rotations)  

olddir is /opt/old, empty log files arerotated, old logs are removed  

considering log /opt/hongyi.log  

  logneeds rotating  

rotating log /opt/hongyi.log,log->rotateCount is 2  

dateext suffix ‘-20130807’  

glob pattern’-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]’
 

fscreate context set tounconfined_u:object_r:usr_t:s0  

renaming /opt/hongyi.log to/opt/old/hongyi.log-20130807  

creating new /opt/hongyi.log mode = 0600uid = 0 gid = 500  

removing old log/opt/old/hongyi.log-20130805  

   

#能够查看old目录下的公文  

[[email protected]
opt]# ls old/  

hongyi.log-20130806  hongyi.log-20130807  

[[email protected]
opt]# cat hongyi.log  

#查看文件的权杖  

[[email protected]
opt]# ll  

total 8  

-rw-r–r–. 1 root root   2436 Aug 7 00:01 aa03.txt  

-rw——-. 1 root hongyi    0 Aug 7 00:00 hongyi.log  

drwxr-xr-x. 2 root root   4096 Aug 7 00:00 old  

 

陆 crontab——定时职分

[plain] 

#延时执行,系统运维后,检查测试还并未有执行的天职。布署职分  

#怎样时候运维机器,什么时等候检查验  

[[email protected]
opt]# cat /etc/anacrontab  

# /etc/anacrontab: configuration file foranacron  

   

# See anacron(8) and anacrontab(5) fordetails.  

   

SHELL=/bin/sh  

PATH=/sbin:/bin:/usr/sbin:/usr/bin  

MAILTO=root  

# the maximal random delay added to thebase delay of the jobs  

RANDOM_DELAY=45  

# the jobs will be started during thefollowing hours only  

START_HOURS_RANGE=3-22  

   

#period in days   delay in minutes   job-identifier   command  

1     5     cron.daily            nicerun-parts /etc/cron.daily  

7     25   cron.weekly         nicerun-parts /etc/cron.weekly  

@monthly 45      cron.monthly              nice run-parts
/etc/cron.monthly  

   

#crontab:列出和删除  

[[email protected]
opt]# crontab -l  

* * * * * echo `date` >>/opt/aa03.txt  

30 18 * * * init 0  

[[email protected]
opt]# crontab –help  

crontab: invalid option — ‘-‘  

crontab: usage error: unrecognized option  

usage:    crontab[-u user] file  

       crontab[-u user] [ -e | -l | -r ]  

              (defaultoperation is replace, per 1003.2)  

       -e    (edit user’s crontab)  

       -l     (list user’s crontab)  

       -r    (delete user’s crontab)  

       -i     (prompt before deleting user’s crontab)  

       -s    (selinux context)  

[[email protected]
opt]# crontab -r  

[[email protected]
opt]# crontab -l  

no crontab for root  

 

http://www.bkjia.com/Linuxjc/547844.htmlwww.bkjia.comtruehttp://www.bkjia.com/Linuxjc/547844.htmlTechArticle日志管理相关知识 一 日志相关文书 [plain]
#很关键
[[email protected]
~]# ls /var/log/ anaconda.ifcfg.log anaconda.xlog btmp dmesg maillog
secure wtmp anaconda.log anac…

相关文章

Your Comments

近期评论

    功能


    网站地图xml地图