一、系统日志
1、/var/log/messages 系统的日志(服务,系统,软件等)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
[root@juispan ~]
# tail -5 /var/log/messages
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8180] dhcp4 (ens37): state changed timeout ->
done
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8187] device (ens37): state change: ip-config -> failed (reason
'ip-config-unavailable'
) [70 120 5]
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8192] policy: disabling autoconnect
for
connection
'有线连接 1'
.
Jul 20 17:42:44 juispan NetworkManager[520]: <warn> [1500543764.8196] device (ens37): Activation: failed
for
connection
'有线连接 1'
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8205] device (ens37): state change: failed -> disconnected (reason
'none'
) [120 30 0]
[root@juispan ~]
# ls /var/log/messages* ##系统日志会自动切割
/var/log/messages
/var/log/messages-20170627
/var/log/messages-20170529
/var/log/messages-20170709
[root@juispan ~]
# logrotate ##配置切割日志
logrotate 3.8.6 - Copyright (C) 1995-2001 Red Hat, Inc.
This may be freely redistributed under the terms of the GNU Public License
用法: logrotate [-dfv?] [-d|--debug] [-f|--force] [-m|--mail
command
]
[-s|--state statefile] [-
v
|--verbose] [-l|--log STRING] [--version]
[-?|--help] [--usage] [OPTION...] <configfile>
[root@juispan ~]
# cat /etc/logrotate.conf ##查看切割配置
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include
/etc/logrotate
.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp
{
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp
{
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.
|
2、dmesg 系统硬件相关的日志
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@juispan ~]
# dmesg | head -3 ##保存在内存中的系统硬件相关日志
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[root@juispan ~]
# dmesg -c ##临时清空内存中的日志
......
[root@juispan ~]
# dmesg
[root@juispan ~]
# cat /var/log/dmesg | head -2 ##系统启动的日志
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
|
3、last/lastb 登录历史
|
1
2
3
4
5
6
7
8
9
10
11
12
|
[root@juispan ~]
# last ##正常的登录历史,对应文件/var/log/wtmp
root pts
/1
gateway Thu Jul 20 17:33 still logged
in
root pts
/0
gateway Thu Jul 20 09:39 still logged
in
......
[root@juispan ~]
# lastb ##失败的登录历史,对应文件/var/log/btmp
root
ssh
:notty gateway Thu Jul 20 09:39 - 09:39 (00:00)
btmp begins Thu Jul 20 09:39:04 2017
[root@juispan ~]
# cat /var/log/secure ##系统的安全日志,动态查看tail -f /var/log/secure
Jul 10 17:32:17 server01 sshd[2584]: Accepted password
for
root from 192.168.137.1 port 60164 ssh2
Jul 10 17:32:18 server01 sshd[2584]: pam_unix(sshd:session): session opened
for
user root by (uid=0)
......
|
二、虚拟终端
执行命令或脚本不中断的方法:
①nohup command & 放后台执行
②screen 虚拟窗口,按ctrl+a+d放到后台
|
1
2
3
4
5
|
[root@juispan ~]
# screen -ls ##列出后台screen list
There is a
screen
on:
5170.pts-1.juispan (Detached)
1 Socket
in
/var/run/screen/S-root
.
[root@juispan ~]
# screen -r ##恢复之前的虚拟窗口
|
可以通过“-S”参数定义screen的名字,如screen -S "test",恢复的时候也可以使用该名字。
本文转自Grodd51CTO博客,原文链接:http://blog.51cto.com/juispan/1949531,如需转载请自行联系原作者
扫一扫
3021
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
