Linux keeps detailed records of events within the system, known as log files, which are created by many programs.
System administrators refer to log files to determine the status of the system, watch for intruders, and look for data about a particular program or event.
Author: 26.04.13
The messages log file (/var/log/messages) contains messages from the Linux kernel and most of the programs in Linux.
Events occur in the background as the user logs in.
Daemons: special-purpose background processes designed to watch for network activity, run other programs, and monitor user actions.
The status information collected by a daemon is written to log files, not displayed on the screen.
The main system log is stored in /var/log/messages.
Message: a description of what is happening within a program.
A message may report information, a warning, or a serious error indicating that a program is about to crash.
Each line makes up an individual log message:
The date and time when the event was logged (timestamp)
The hostname (or computer name) of the system on which the event occurred
The name of the program generating the log message
The message text itself (may be more than one line)
Apr /0 12.-3./1 shahnita kernel. 4/-255./6/7/68 usb 2'/.7. roduct. 9C!/1-0 Apr /0 12.-3./1 shahnita kernel. 4/-255./6/7278 usb 2'/.7. !anufacturer. 9roadcom Corp Apr /0 12.-3./1 shahnita bluetoothd46338. :C; dev 1 registered Apr /0 12.-3./1 shahnita bluetoothd46338. Listening for :C; events on hci1 Apr /0 12.-3./1 shahnita <etwork!anager4=1-8. >info? (eth1). preparing device. Apr /0 12.-3./1 shahnita <etwork!anager4=1-8. >info? (eth1). deactivating device (reason @managed@) 4/8 Apr /0 12.-3./1 shahnita kernel. 4/-255.2100738 ; v3. A**+CA<%(<E&*EB$, ). eth1. link is not ready Apr /0 12.-3./1 shahnita kernel. 4/-255.23072-8 usb 2'/./. new full'speed ,S9 device number 7/ using uhci$hcd
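The four fields listed above can be pulled out of each line mechanically. The following parser is an added example, not part of the original slides; the sample lines, the hostname "examplehost" and all values in them are constructed, and the traditional "Mon DD HH:MM:SS host program[pid]: text" layout is assumed.

```python
import re
from collections import Counter

# One log message: timestamp, hostname, program name (optional [pid]), message text.
LINE_RE = re.compile(
    r"^(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<hostname>\S+) "
    r"(?P<program>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<message>.*)$"
)

# Constructed sample input (not taken from a real system).
SAMPLE = """\
Apr 25 10:15:01 examplehost kernel: [ 1234.567890] usb 2-1: new full-speed USB device number 3 using uhci_hcd
Apr 25 10:15:02 examplehost bluetoothd[812]: HCI dev 0 registered
Apr 25 10:15:02 examplehost NetworkManager[704]: <info> (eth0): preparing device.
    continuation text that belongs to the previous message
Apr 25 10:15:09 examplehost sshd[2201]: Failed password for invalid user test from 192.0.2.10 port 50522 ssh2
"""

def parse_messages(text):
    """Return one dict per log message.

    A line that does not start with a timestamp is treated as a continuation
    and appended to the text of the message before it.
    """
    records = []
    for raw in text.splitlines():
        match = LINE_RE.match(raw)
        if match:
            records.append(match.groupdict())
        elif records and raw.strip():
            records[-1]["message"] += "\n" + raw.strip()
    return records

def count_by_program(records):
    """Count messages per generating program, e.g. to spot a noisy daemon."""
    return Counter(record["program"] for record in records)

if __name__ == "__main__":
    parsed = parse_messages(SAMPLE)
    for record in parsed:
        print(record["timestamp"], record["hostname"], record["program"], "|", record["message"])
    print(count_by_program(parsed))
```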
When the computer system is turned on, the kernel boots and initializes the computer hardware.
Then the kernel starts the init program, and the system logging daemons syslogd and klogd are started.
The kernel writes messages to the screen during system startup (before klogd is active); these messages are also stored in the kernel ring buffer.
Kernel ring buffer: a small area of memory that holds internal kernel messages.
If the kernel ring buffer becomes full, the first message (the oldest message) is discarded. This ensures the most recent messages can be found in the buffer.
The dmesg utility shows the content of the kernel ring buffer on the screen.
It can be executed by any user, not only root.
dmesg | less: use less to browse the output using Page Up and Page Down.
dmesg contains much detailed information about how Linux recognizes and initializes the hardware of the system.
Linux systems store the dmesg output right after the system has started, in case of hardware problems with Linux.
The original boot messages are preserved even if other messages are written to the kernel ring buffer later on.
/var/log/messages contains many types of messages from many different programs.
Both syslogd and klogd are configured using the syslog.conf configuration file stored in the /etc directory.
syslog.conf determines where each type of message from different programs will be logged.
FORMAT OF syslog.conf
Example:
*.info;mail.none;authpriv.none /var/log/messages
Lines beginning with a hash mark (#) are considered comments and are ignored.
Format of each line in the syslog.conf file:
facility.priority; facility.priority    Action
The facility.priority pairs form the selector.
Selector: a set of code words that select which events are being logged.
Action: a filename or username.
Filename: determines which file the message of an event will be written to.
Username: determines which user's screen the message appears on (can also refer to a file on a remote computer).
Facility: a code word that specifies which type of program is being selected.
Priority: a code word that specifies the type of message being selected for logging.
Example:
Facility: daemon
Priority: info
Messages from any daemon program with priority info or higher are selected by these code words.
The action is a filename: it specifies that messages selected by the daemon.info selector will be written to the /var/log/messages file.
Facility
The program issues a programming call to the syslog function.
The program indicates its program type or category.
The syslogd daemon uses the category information to determine where to write the message, based on the syslog.conf configuration file.
Facility name: Facility description
auth: Messages from user authentication utilities such as login
authpriv: Special purpose (private) user authentication messages
cron: Messages from the cron program (used to control automated, scheduled tasks)
daemon: Messages from all standard daemons or servers
kern: Kernel messages (through klogd)
lpr: Printer server messages
mail: Mail server messages (from the Mail Transfer Agent)
news: News server messages
syslog: Messages about the system logging process itself
user: Messages from programs started by end users
uucp: Messages from the uucp program (rarely used)
local0 through local7: Eight special purpose categories that a Linux vendor or programmer can define for specific needs not covered by other categories
Priorities
E.g.:
Informational messages: how the program is using resources
Messages indicating a potential problem
Messages indicating a serious or critical problem
Each program can generate messages with different priorities, depending on the seriousness of the event.
Priority name: Priority description
debug: Debugging messages used by programmers or those testing how a program works
info: Informational messages about what a program is doing
notice: Information about noteworthy events occurring as a program executes
warning: Warnings about potential problems with a program
err: Notices about errors occurring within a program
crit: Critical error messages that will likely cause a program to shut down
alert: Error messages that will cause a program to shut down and may also affect other programs
emerg: Messages about events serious enough to potentially crash the system
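How a selector decides where a message goes can be shown with a small matcher. This is an added example, not part of the original slides and not syslogd's own code. It handles only the forms shown on this page (facility names, "*", "none", and "priority or higher"), and the configuration below is constructed apart from its first rule, which is the example line from the syslog.conf format section.

```python
# Priority names from least to most serious, in the order listed above.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

def parse_line(line):
    """Split a syslog.conf line into ([(facility, priority), ...], action).

    Returns None for blank lines and for comments starting with '#'.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    selector, action = line.split(None, 1)
    pairs = [tuple(item.split(".", 1)) for item in selector.split(";")]
    return pairs, action.strip()

def selected(pairs, facility, priority):
    """True if a message with this facility and priority is selected.

    Pairs are applied left to right, so a later pair for the same facility
    (for example mail.none after *.info) replaces the earlier decision.
    """
    level = PRIORITIES.index(priority)
    chosen = False
    for fac, prio in pairs:
        if fac != "*" and fac != facility:
            continue
        if prio == "none":
            chosen = False
        elif prio == "*":
            chosen = True
        else:
            chosen = level >= PRIORITIES.index(prio)  # "info or higher"
    return chosen

# Constructed configuration; the second and third file names are assumptions.
CONF = """\
# everything at info or higher, except mail and private authentication
*.info;mail.none;authpriv.none    /var/log/messages
authpriv.*                        /var/log/secure
daemon.info                       /var/log/daemon.log
"""

def actions_for(conf_text, facility, priority):
    """Return the actions of every rule that selects the given message."""
    rules = [parse_line(line) for line in conf_text.splitlines()]
    return [action for pairs, action in filter(None, rules)
            if selected(pairs, facility, priority)]

if __name__ == "__main__":
    print(actions_for(CONF, "daemon", "info"))
    print(actions_for(CONF, "authpriv", "notice"))
```

With this configuration, authpriv messages reach only the separate file and never /var/log/messages, which is the effect of the authpriv.none pair in the page's example selector.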