Linux下日志的采集和分析是一个非常重要的工作,一般厂商都会有自己独有的命令,我这边列举下常用的两个Linux厂商的收集命令(Redhat Linux以及SuSe Linux),便于收集后,对系统进行全面分析。
1. 基于redhat的日志收集[[email protected] etc]# sosreport
sosreport (version 3.2)
This command will collect diagnostic and configuration information from
this CentOS Linux system and installed applications.
An archive containing the collected information will be generated in
/var/tmp/sos.NUmfab and may be provided to a CentOS support
representative.
Any information provided to CentOS will be treated in accordance with
the published support policies at:
https://www.centos.org/
The generated archive may contain data considered sensitive and its
content should be reviewed by the originating organization before being
passed to any third party.
No changes will be made to system configuration.
Press ENTER to continue, or CTRL-C to quit.
Please enter your first initial and last name [openstack-01]:
Please enter the case id that you are generating this report for []:
Setting up archive ...
Setting up plugins ...
Running plugins. Please wait ...
Running 114/114: yum...
[plugin:openstack_swift] regex substitution failed for ‘/etc/swift/container.builder‘ with: ‘‘utf8‘ codec can‘t decode byte 0x80 in position 0: invalid start byte‘
[plugin:openstack_swift] regex substitution failed for ‘/etc/swift/container.ring.gz‘ with: ‘‘utf8‘ codec can‘t decode byte 0x8b in position 1: invalid start byte‘
Creating compressed archive...
Your sosreport has been generated and saved in:
/var/tmp/sosreport-openstack-01-20160603071544.tar.xz
The checksum is: 757286aeba8b7ca78b0614547c4d58c9
Please send this file to your support representative.
2. 基于SUSE Linux下的日志收集
使用脚本supportconfig -A收集日志,日志路径会存在/var/log下。
--TESTDBO2:/tmp/tools/nmon # supportconfig -A
============================================================================= Support Utilities - Supportconfig Script Version: 2.25-197 Script Date: 2010 04 02=============================================================================
Gathering system information Data Directory: /var/log/nts_TESTDBO2_140226_1114
Basic Server Health Check... Done RPM Database... Done Basic Environment... Done Basic Health Report... Done System Modules... Done Memory Details... Done Disk I/O... Done System Logs... Done YaST Files... Done Auditing... Done Crash Info... Done NTP... Done PROC... Done Boot Files... Done SLERT... Skipped Updates... Done SMT... Skipped Novell eDirectory... Please Wait... Skipped Novell LUM... Skipped Novell NCP... Skipped Novell NSS... Skipped Novell DFS... Skipped Novell SMS... Skipped Novell NCS... Skipped Novell AFP... Skipped Novell CIFS... Skipped HA Cluster... Skipped OCFS2... Skipped PAM... Done LDAP... Done CIMOM... Done Open Files... Done Environment... Done ETC... Done SYSCONFIG... Done SYSFS... Done System Daemons... Done CRON... Done AT... Done UDEV... Done LVM... Please Wait... Base Detail Done EVMS... Skipped Software Raid... Done Multipathing... Done Networking... Done Web... Done InfiniBand... Done DNS... Done DHCP... Done SLP... Please Wait... Services Done SSH... Done iSCSI... Done Samba... Done NFS... Done AUTOFS... Done SAR Files... Skipped AppArmor... Done Xen... Skipped X... Done Printing... Done SMART Disks... Done Hardware... Please Wait... Done File System List... Please Wait... Done Supportability Analysis... Please Wait... Done
Creating Tar Ball
==[ DONE ]=================================================================== Log file tar ball: /var/log/nts_TESTDBO2_140226_1114.tbz Log file size: 25M Log file md5sum: 36a0aaee37b5174e29278544ac3e8f61
Please attach the log file tar ball to your open Service Request at the following URL: https://secure-support.novell.com/eService_enu
You can also upload the tar ball to ftp.novell.com/incoming, or just use supportconfig -ur , to upload the tar ball automatically.
If you cannot attach the tar ball to the SR, then email it to the engineer.=============================================================================--
然后我们可以根据收集的相关信息,对系统进行分析
原文:http://molewan.blog.51cto.com/287340/1785698