一、系统日志
1、/var/log/messages 系统的日志(服务,系统,软件等)
[[email protected] ~]# tail -5 /var/log/messages
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8180] dhcp4 (ens37): state changed timeout -> done
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8187] device (ens37): state change: ip-config -> failed (reason ‘ip-config-unavailable‘) [70 120 5]
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8192] policy: disabling autoconnect for connection ‘有线连接 1‘.
Jul 20 17:42:44 juispan NetworkManager[520]: <warn> [1500543764.8196] device (ens37): Activation: failed for connection ‘有线连接 1‘
Jul 20 17:42:44 juispan NetworkManager[520]: <info> [1500543764.8205] device (ens37): state change: failed -> disconnected (reason ‘none‘) [120 30 0]
[[email protected] ~]# ls /var/log/messages* ##系统日志会自动切割
/var/log/messages /var/log/messages-20170627
/var/log/messages-20170529 /var/log/messages-20170709
[[email protected] ~]# logrotate ##配置切割日志
logrotate 3.8.6 - Copyright (C) 1995-2001 Red Hat, Inc.
This may be freely redistributed under the terms of the GNU Public License
用法: logrotate [-dfv?] [-d|--debug] [-f|--force] [-m|--mail command]
[-s|--state statefile] [-v|--verbose] [-l|--log STRING] [--version]
[-?|--help] [--usage] [OPTION...] <configfile>
[[email protected] ~]# cat /etc/logrotate.conf ##查看切割配置
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we‘ll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.
2、dmesg 系统硬件相关的日志
[[email protected] ~]# dmesg | head -3 ##保存在内存中的系统硬件相关日志 [ 0.000000] Initializing cgroup subsys cpuset [ 0.000000] Initializing cgroup subsys cpu [ 0.000000] Initializing cgroup subsys cpuacct [[email protected] ~]# dmesg -c ##临时清空内存中的日志 ...... [[email protected] ~]# dmesg [[email protected] ~]# cat /var/log/dmesg | head -2 ##系统启动的日志 [ 0.000000] Initializing cgroup subsys cpuset [ 0.000000] Initializing cgroup subsys cpu
3、last/lastb 登录历史
[[email protected] ~]# last ##正常的登录历史,对应文件/var/log/wtmp root pts/1 gateway Thu Jul 20 17:33 still logged in root pts/0 gateway Thu Jul 20 09:39 still logged in ...... [[email protected] ~]# lastb ##失败的登录历史,对应文件/var/log/btmp root ssh:notty gateway Thu Jul 20 09:39 - 09:39 (00:00) btmp begins Thu Jul 20 09:39:04 2017 [[email protected] ~]# cat /var/log/secure ##系统的安全日志,动态查看tail -f /var/log/secure Jul 10 17:32:17 server01 sshd[2584]: Accepted password for root from 192.168.137.1 port 60164 ssh2 Jul 10 17:32:18 server01 sshd[2584]: pam_unix(sshd:session): session opened for user root by (uid=0) ......
二、虚拟终端
执行命令或脚本不中断的方法:
①nohup command & 放后台执行
②screen 虚拟窗口,按ctrl+a+d放到后台
[[email protected] ~]# screen -ls ##列出后台screen list There is a screen on: 5170.pts-1.juispan (Detached) 1 Socket in /var/run/screen/S-root. [[email protected] ~]# screen -r ##恢复之前的虚拟窗口
可以通过“-S”参数定义screen的名字,如screen -S "test",恢复的时候也可以使用该名字。
时间: 2024-10-15 23:04:30