Linux下日志的采集和分析是一个非常重要的工作,一般厂商在你需要技术支持的时候,都需要你通过对应指令收集系统的信息,我这边列举下常用的两个Linux厂商的收集命令(Redhat Linux以及SuSe Linux),便于收集后,对系统进行全面分析。
sosreport是一个类型于supportconfig 的工具,sosreport是python编写的一个工具,适用于centos(和redhat一样,包名为sos)。supportconfig由于是shell 语言编写的一个工具,对版本的依赖相对少些 ,但对一些工具的依赖相对多些(适用于SuSe Linux)。
在红帽系列下,收取日志支持信息(sosreport)
[root@ip-172-31-22-8 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.2 (Maipo)
[root@ip-172-31-22-8 ~]# yum -y install sos
[root@ip-172-31-22-8 ~]# sosreport
sosreport (version 3.2)
This command will collect diagnostic and configuration information from
this Red Hat Enterprise Linux system and installed applications.
An archive containing the collected information will be generated in
/var/tmp/sos.HbPFQB and may be provided to a Red Hat support
representative.
Any information provided to Red Hat will be treated in accordance with
the published support policies at:
https://access.redhat.com/support/
The generated archive may contain data considered sensitive and its
content should be reviewed by the originating organization before being
passed to any third party.
No changes will be made to system configuration.
Press ENTER to continue, or CTRL-C to quit.(1、默认情况下我们直接回车)
Please enter your first initial and last name [ip-172-31-22-8.us-west-2.compute.internal]: (2、保持默认)
Please enter the case id that you are generating this report for []: (3、保持默认)
Setting up archive ...
Setting up plugins ...
Running plugins. Please wait ...
Running 73/73: yum...
Creating compressed archive...
Your sosreport has been generated and saved in:
/var/tmp/sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442.tar.xz(4、生成的文件所在的位置及文件名)
The checksum is: 6ff5127ef6e524cb68a2f60f06cd00d1
Please send this file to your support representative.
[root@ip-172-31-22-8 ~]# cd /var/tmp/
[root@ip-172-31-22-8 tmp]# tar xvJf sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442.tar.xz
[root@ip-172-31-22-8 tmp]# ls
sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442
sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442.tar.xz
sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442.tar.xz.md5
[root@ip-172-31-22-8 tmp]# cd sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442
[root@ip-172-31-22-8 sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442]# ls
boot date df etc hostname ip_addr last lsmod netstat ps route sos_commands sos_reports uname usr version.txt
chkconfig dev dmidecode free installed-rpms java lib mount proc root run sos_logs sys uptime var
# 如上面命令可知,均是收集到的信息的信息
[root@ip-172-31-22-8 sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442]# cat route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.31.16.1 0.0.0.0 UG 100 0 0 eth0
172.31.16.0 0.0.0.0 255.255.240.0 U 100 0 0 eth0
[root@ip-172-31-22-8 sosreport-ip-172-31-22-8.us-west-2.compute.internal-20160705094442]# cat uptime
09:44:47 up 13 days, 23:16, 1 user, load average: 0.08, 0.04, 0.05
在SuSe下收集日志信息
DYDMSQAAP01:~ # supportconfig -A
=============================================================================
Support Utilities - Supportconfig
Script Version: 2.25-197
Script Date: 2010 04 02
=============================================================================
Gathering system information
Data Directory: /var/log/nts_DYDMSQAAP01_160706_0851(生成的文件所在的目录)
Basic Server Health Check... Done
RPM Database... Done
Basic Environment... Done
Basic Health Report... Done
System Modules... Done
Memory Details... Done
Disk I/O... Done
System Logs... Done
YaST Files... Done
Auditing... Done
Crash Info... Done
NTP... Done
PROC... Done
Boot Files... Done
SLERT... Skipped
Updates... Done
SMT... Skipped
Novell eDirectory... Please Wait... Skipped
Novell LUM... Skipped
Novell NCP... Skipped
Novell NSS... Skipped
Novell DFS... Skipped
Novell SMS... Skipped
Novell NCS... Skipped
Novell AFP... Skipped
Novell CIFS... Skipped
HA Cluster... Skipped
OCFS2... Skipped
PAM... Done
LDAP... Done
CIMOM... Done
Open Files... Done
Environment... Done
ETC... Done
SYSCONFIG... Done
SYSFS... Done
System Daemons... Done
CRON... Done
AT... Done
UDEV... Done
LVM... Please Wait... Base Detail Done
EVMS... Skipped
Software Raid... Done
Multipathing... Done
Networking... Done
Web... Done
InfiniBand... Done
DNS... Done
DHCP... Done
SLP... Please Wait... Services Done
SSH... Done
iSCSI... Done
Samba... Done
NFS... Done
AUTOFS... Done
SAR Files... Skipped
AppArmor... Done
Xen... Skipped
X... Done
Printing... Done
SMART Disks... Done
Hardware... Please Wait... Done
File System List... Please Wait... Done
Supportability Analysis... Please Wait... Done
Creating Tar Ball
==[ DONE ]===================================================================
Log file tar ball: /var/log/nts_DYDMSQAAP01_160706_0851.tbz
Log file size: 6.1M
Log file md5sum: 795ead2be91d0caf956df417df47a3e8
Please attach the log file tar ball to your open Service Request at the
following URL:
https://secure-support.novell.com/eService_enu
You can also upload the tar ball to ftp.novell.com/incoming, or just use
supportconfig -ur , to upload the tar ball automatically.
If you cannot attach the tar ball to the SR, then email it to the engineer.
=============================================================================
DYDMSQAAP01:/var/log # file nts_DYDMSQAAP01_160706_0851.tbz
nts_DYDMSQAAP01_160706_0851.tbz: bzip2 compressed data, block size = 900k
DYDMSQAAP01:/var/log # bzip2 -d nts_DYDMSQAAP01_160706_0851.tbz
DYDMSQAAP01:/var/log # file nts_DYDMSQAAP01_160706_0851.tar
nts_DYDMSQAAP01_160706_0851.tar: POSIX tar archive (GNU)
DYDMSQAAP01:/var/log # tar -xf nts_DYDMSQAAP01_160706_0851.tar
DYDMSQAAP01:/var/log # cd nts_DYDMSQAAP01_160706_0851/
DYDMSQAAP01:/var/log/nts_DYDMSQAAP01_160706_0851 # ls -l
total 96300
-rw------- 1 root root 1734 Jul 6 08:52 basic-environment.txt
-rw------- 1 root root 21527 Jul 6 08:51 basic-health-check.txt
-rw------- 1 root root 1347 Jul 6 08:52 basic-health-report.txt
-rw------- 1 root root 261427 Jul 6 08:54 boot.txt
-rw------- 1 root root 31110 Jul 6 08:55 chkconfig.txt
-rw------- 1 root root 9767 Jul 6 08:54 cimom.txt
-rw------- 1 root root 16498 Jul 6 08:52 crash.txt
-rw------- 1 root root 38903 Jul 6 08:55 cron.txt
-rw------- 1 root root 7815 Jul 6 08:55 dhcp.txt
-rw------- 1 root root 10417 Jul 6 08:55 dns.txt
-rw------- 1 root root 230829 Jul 6 08:54 env.txt
-rw------- 1 root root 1102736 Jul 6 08:54 etc.txt
-rw------- 1 root root 81 Jul 6 08:55 evms.txt
-rw------- 1 root root 4010 Jul 6 08:55 fs-autofs.txt
-rw------- 1 root root 4282 Jul 6 08:52 fs-diskio.txt
-rw------- 1 root root 32670989 Jul 6 08:56 fs-files.txt
-rw------- 1 root root 12013 Jul 6 08:55 fs-iscsi.txt
-rw------- 1 root root 7814 Jul 6 08:55 fs-smartmon.txt
-rw------- 1 root root 572 Jul 6 08:55 fs-softraid.txt
-rw------- 1 root root 86 Jul 6 08:54 ha.txt
-rw------- 1 root root 734341 Jul 6 08:55 hardware.txt
-rw------- 1 root root 15000 Jul 6 08:55 ib.txt
-rw------- 1 root root 22657 Jul 6 08:54 ldap.txt
-rw------- 1 root root 216738 Jul 6 08:55 lvm.txt
-rw------- 1 root root 23718 Jul 6 08:52 memory.txt
-rw------- 1 root root 4476203 Jul 6 08:52 messages.txt
-rw------- 1 root root 440234 Jul 6 09:08 modules.txt
-rw------- 1 root root 21196 Jul 6 08:55 mpio.txt
-rw------- 1 root root 107521 Jul 6 08:55 network.txt
-rw------- 1 root root 3120 Jul 6 08:55 nfs.txt
-rw------- 1 root root 91 Jul 6 08:54 novell-afp.txt
-rw------- 1 root root 88 Jul 6 08:54 novell-cifs.txt
-rw------- 1 root root 87 Jul 6 08:54 novell-dfs.txt
-rw------- 1 root root 175 Jul 6 08:54 novell-edir.txt
-rw------- 1 root root 87 Jul 6 08:54 novell-lum.txt
-rw------- 1 root root 91 Jul 6 08:54 novell-ncp.txt
-rw------- 1 root root 100 Jul 6 08:54 novell-ncs.txt
-rw------- 1 root root 87 Jul 6 08:54 novell-nss.txt
-rw------- 1 root root 87 Jul 6 08:54 novell-sms.txt
-rw------- 1 root root 345825 Jul 6 08:52 ntp.txt
-rw------- 1 root root 88 Jul 6 08:54 ocfs2.txt
-rw------- 1 root root 919369 Jul 6 08:54 open-files.txt
-rw------- 1 root root 48449 Jul 6 08:54 pam.txt
-rw------- 1 root root 37464 Jul 6 08:55 print.txt
-rw------- 1 root root 123950 Jul 6 08:52 proc.txt
-rw------- 1 root root 347020 Jul 6 08:52 rpm.txt
-rw------- 1 root root 11372907 Jul 6 09:08 sam.html
-rw------- 1 root root 20565977 Jul 6 09:08 sam.txt
-rw------- 1 root root 20861 Jul 6 08:55 samba.txt
-rw------- 1 root root 115 Jul 6 08:55 sar.txt
-rw------- 1 root root 328932 Jul 6 08:55 security-apparmor.txt
-rw------- 1 root root 319217 Jul 6 08:52 security-audit.txt
-rw------- 1 root root 86 Jul 6 08:54 slert.txt
-rw------- 1 root root 19265 Jul 6 08:55 slp.txt
-rw------- 1 root root 80 Jul 6 08:54 smt.txt
-rw------- 1 root root 7749 Jul 6 08:55 ssh.txt
-rw------- 1 root root 13105 Jul 6 09:08 supportconfig.txt
-rw------- 1 root root 1350213 Jul 6 08:54 sysconfig.txt
-rw------- 1 root root 1054696 Jul 6 08:54 sysfs.txt
-rw------- 1 root root 204323 Jul 6 08:55 udev.txt
-rw------- 1 root root 6626599 Jul 6 08:54 updates.txt
-rw------- 1 root root 51104 Jul 6 08:55 web.txt
-rw------- 1 root root 62111 Jul 6 08:55 x.txt
-rw------- 1 root root 86 Jul 6 08:55 xen.txt
-rw------- 1 root root 14045856 Jul 6 08:52 y2log.txt
我们可以看出,相关的文件全部是txt文件,而且日志信息也是非常详细的。
注意事项:supportconfig -A,收集日志起来没有sosreport那么快,有可能会出现卡住的状态,耐心等待下,一般情况下,是没有问题的。
原创文章,作者:Net21-冰冻vs西瓜,如若转载,请注明出处:http://www.178linux.com/22468