linux日志管理方法 linux日志管理实例

发布时间:2020-04-09编辑:脚本学堂
本文介绍了linux日志管理的方法与操作实例,linux日志相关服务,linux日志定时任务等,需要的朋友参考下。

linux日志管理方法 linux日志管理实例 第二部分
五、模拟linux日志文件的拷贝
 

#从man中进行示例的拷贝 
[root@client01 logrotate.d]# manlogrotate.conf 
  
#编辑文件 
[root@client01 logrotate.d]# vim/etc/logrotate.conf 
[root@client01 logrotate.d]# cat/etc/logrotate.conf 
/opt/hongyi.log { 
   monthly 
   rotate 2 
   olddir /opt/old 
   missingok 
   create 0600 root hongyi 
   nocompress 

#创建用户 
[root@client01 logrotate.d]# useradd hongyi 
#创建目录 
[root@client01 logrotate.d]# mkdir /opt/old 
#创建文件 
[root@client01 logrotate.d]# touch/opt/hongyi.log 
#编辑文件 
[root@client01 logrotate.d]# vim/opt/hongyi.log 
[root@client01 logrotate.d]# ls /opt 
aa03.txt hongyi.log  old 
  
[root@client01 logrotate.d]# logrotate--help 
Usage: logrotate [OPTION...]<configfile> 
  -d,--debug               Don't do anything,just test (implies -v) 
  -f,--force               Force file rotation 
  -m,--mail=command        Command to sendmail (instead of `/bin/mail') 
  -s,--state=statefile     Path of state file 
  -v,--verbose             Display messagesduring rotation 
  
Help options: 
  -?,--help                Show this helpmessage 
 —usage                   Displaybrief usage message 
#强制使配置文件生效 
[root@client01 logrotate.d]# logrotate -f/etc/logrotate.conf 
[root@client01 logrotate.d]# ls /opt 
aa03.txt hongyi.log  old 
#可以看到已经生成了文件 
[root@client01 logrotate.d]# ls /opt/old/ 
hongyi.log-20130805 
#日志轮寻 
#日志切换 
  
[root@client01 ~]# ls /etc/cron.d 
cron.d/    cron.daily/ cron.deny 
#查看每天切换的  
[root@client01 ~]# ls /etc/cron.daily/ 
logrotate makewhatis.cron  rhsm-complianced 
[root@client01 ~]# cat/etc/cron.daily/logrotate 
#!/bin/sh 
  
/usr/sbin/logrotate /etc/logrotate.conf>/dev/null 2>&1 
EXITVALUE=$? 
if [ $EXITVALUE != 0 ]; then 
   /usr/bin/logger -t logrotate "ALERT exited abnormally with[$EXITVALUE]" 
fi 
exit 0 
[root@client01 ~]# cat /etc/logrotate.conf 
# see "man logrotate" for details 
# rotate log files weekly 
weekly 
  
# keep 4 weeks worth of backlogs 
rotate 4 
  
# create new (empty) log files afterrotating old ones 
create 
  
# use date as a suffix of the rotated file 
dateext 
  
# uncomment this if you want your log filescompressed 
#compress 
  
# RPM packages drop log rotationinformation into this directory 
include /etc/logrotate.d 
  
# no packages own wtmp and btmp -- we'llrotate them here 
/var/log/wtmp { 
   monthly 
   create 0664 root utmp 
       minsize1M 
   rotate 1 

  
/var/log/btmp { 
   missingok 
   monthly 
   create 0600 root utmp 
   rotate 1 

  
/opt/hongyi.log { 
   monthly 
   rotate 2 
   olddir /opt/old 
   missingok 
   create 0600 root hongyi 
   nocompress 

  
# system-specific logs may be also beconfigured here. 
[root@client01 ~]# cd /etc/lo 
localtime       login.defs      logrotate.conf  logrotate.d/    
[root@client01 ~]# cd /etc/logrotate.d/ 
[root@client01 logrotate.d]# ll 
total 24 
-rw-r--r--. 1 root root 103 Apr 27  2011 dracut 
-rw-r--r--. 1 root root 185 Jun 24  2010 httpd 
-rw-r--r--. 1 root root  71 May 5  2011 subscription-manager 
-rw-r--r--. 1 root root 228 May 20  2009 syslog 
-rw-r--r--. 1 root root  32 Apr 8  2010 up2date 
-rw-r--r--. 1 root root 100 Apr 29  2011 yum 
  
#程序切换 日志切换 
#日志:很重要 
       
#设置日期 
[root@client01 opt]# date -s"2013-08-07" 
Wed Aug 7 00:00:00 CST 2013 
#强制使文件生效,v显示过程 
[root@client01 opt]# logrotate -fv/etc/logrotate.conf 
reading config file /etc/logrotate.conf 
including /etc/logrotate.d 
reading config file dracut 
reading config info for /var/log/dracut.log 
reading config file httpd 
reading config info for /var/log/httpd/*log 
reading config file subscription-manager 
reading config info for /var/log/rhsm/*.log 
reading config file syslog 
reading config info for /var/log/messages/var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log/var/log/cron 
reading config file up2date 
reading config info for /var/log/up2date 
reading config file yum 
reading config info for /var/log/yum.log 
reading config info for /var/log/wtmp 
reading config info for /var/log/btmp 
reading config info for /opt/hongyi.log 
olddir is now /opt/old 
  
Handling 9 logs 
  
rotating pattern: /var/log/dracut.log  forced from command line (4 rotations) 
empty log files are not rotated, old logsare removed 
considering log /var/log/dracut.log 
  logdoes not need rotating 
  
rotating pattern: /var/log/httpd/*log  forced from command line (4 rotations) 
empty log files are not rotated, old logsare removed 
considering log /var/log/httpd/access_log 
  logdoes not need rotating 
considering log /var/log/httpd/error_log 
  logdoes not need rotating 
not running postrotate script, since nologs were rotated 
  
rotating pattern: /var/log/rhsm/*.log  forced from command line (4 rotations) 
empty log files are not rotated, old logsare removed 
considering log /var/log/rhsm/rhsmcertd.log 
  logdoes not need rotating 
considering log /var/log/rhsm/rhsm.log 
  logdoes not need rotating 
  
rotating pattern: /var/log/messages/var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log/var/log/cron  forced from command line(4 rotations) 
empty log files are rotated, old logs areremoved 
considering log /var/log/messages 
  logneeds rotating 
considering log /var/log/secure 
  logneeds rotating 
considering log /var/log/maillog 
  logneeds rotating 
considering log /var/log/spooler 
  logneeds rotating 
considering log /var/log/boot.log 
  logneeds rotating 
considering log /var/log/cron 
  logneeds rotating 
rotating log /var/log/messages,log->rotateCount is 4 
dateext suffix '-20130807' 
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
rotating log /var/log/secure,log->rotateCount is 4 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
rotating log /var/log/maillog,log->rotateCount is 4 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
rotating log /var/log/spooler,log->rotateCount is 4 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
rotating log /var/log/boot.log,log->rotateCount is 4 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
rotating log /var/log/cron,log->rotateCount is 4 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
fscreate context set to system_u:object_r:var_log_t:s0 
renaming /var/log/messages to/var/log/messages-20130807 
creating new /var/log/messages mode = 0600uid = 0 gid = 0 
fscreate context set tosystem_u:object_r:var_log_t:s0 
renaming /var/log/secure to/var/log/secure-20130807 
creating new /var/log/secure mode = 0600uid = 0 gid = 0 
fscreate context set tosystem_u:object_r:var_log_t:s0 
renaming /var/log/maillog to/var/log/maillog-20130807 
creating new /var/log/maillog mode = 0600uid = 0 gid = 0 
fscreate context set tosystem_u:object_r:var_log_t:s0 
renaming /var/log/spooler to/var/log/spooler-20130807 
creating new /var/log/spooler mode = 0600uid = 0 gid = 0 
fscreate context set tosystem_u:object_r:var_log_t:s0 
renaming /var/log/boot.log to/var/log/boot.log-20130807 
creating new /var/log/boot.log mode = 0644uid = 0 gid = 0 
fscreate context set tosystem_u:object_r:var_log_t:s0 
renaming /var/log/cron to/var/log/cron-20130807 
creating new /var/log/cron mode = 0600 uid= 0 gid = 0 
running postrotate script 
  
rotating pattern: /var/log/up2date  forced from command line (4 rotations) 
empty log files are rotated, old logs areremoved 
considering log /var/log/up2date 
  log/var/log/up2date does not exist -- skipping 
  
rotating pattern: /var/log/yum.log  forced from command line (4 rotations) 
empty log files are not rotated, old logsare removed 
considering log /var/log/yum.log 
  logdoes not need rotating 
  
rotating pattern: /var/log/wtmp  forced from command line (1 rotations) 
empty log files are rotated, only log files>= 1048576 bytes are rotated, old logs are removed 
considering log /var/log/wtmp 
  logneeds rotating 
rotating log /var/log/wtmp,log->rotateCount is 1 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
fscreate context set to system_u:object_r:wtmp_t:s0 
renaming /var/log/wtmp to/var/log/wtmp-20130807 
creating new /var/log/wtmp mode = 0664 uid= 0 gid = 22 
removing old log /var/log/wtmp-20130806 
  
rotating pattern: /var/log/btmp  forced from command line (1 rotations) 
empty log files are rotated, old logs areremoved 
considering log /var/log/btmp 
  logneeds rotating 
rotating log /var/log/btmp,log->rotateCount is 1 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
fscreate context set to system_u:object_r:faillog_t:s0 
renaming /var/log/btmp to/var/log/btmp-20130807 
creating new /var/log/btmp mode = 0600 uid= 0 gid = 22 
removing old log /var/log/btmp-20130806 
  
rotating pattern: /opt/hongyi.log  forced from command line (2 rotations) 
olddir is /opt/old, empty log files arerotated, old logs are removed 
considering log /opt/hongyi.log 
  logneeds rotating 
rotating log /opt/hongyi.log,log->rotateCount is 2 
dateext suffix '-20130807' 
glob pattern'-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]' 
fscreate context set tounconfined_u:object_r:usr_t:s0 
renaming /opt/hongyi.log to/opt/old/hongyi.log-20130807 
creating new /opt/hongyi.log mode = 0600uid = 0 gid = 500 
removing old log/opt/old/hongyi.log-20130805 
  
#可以查看old目录下的文件 
[root@client01 opt]# ls old/ 
hongyi.log-20130806  hongyi.log-20130807 
[root@client01 opt]# cat hongyi.log 
#查看文件的权限 
[root@client01 opt]# ll 
total 8 
-rw-r--r--. 1 root root   2436 Aug 7 00:01 aa03.txt 
-rw-------. 1 root hongyi    0 Aug 7 00:00 hongyi.log 
drwxr-xr-x. 2 root root   4096 Aug 7 00:00 old 
 

六、crontab——定时任务
 

#延时执行,系统启动后,检测还没有执行的任务。计划任务 
#什么时候启动机器,什么时候检测 
[root@client01 opt]# cat /etc/anacrontab 
# /etc/anacrontab: configuration file foranacron 
  
# See anacron(8) and anacrontab(5) fordetails. 
  
SHELL=/bin/sh 
PATH=/sbin:/bin:/usr/sbin:/usr/bin 
MAILTO=root 
# the maximal random delay added to thebase delay of the jobs 
RANDOM_DELAY=45 
# the jobs will be started during thefollowing hours only 
START_HOURS_RANGE=3-22 
  
#period in days   delay in minutes   job-identifier   command 
1     5     cron.daily            nicerun-parts /etc/cron.daily 
7     25   cron.weekly         nicerun-parts /etc/cron.weekly 
@monthly 45      cron.monthly              nice run-parts /etc/cron.monthly 
  
#crontab:列出和删除 
[root@client01 opt]# crontab -l 
* * * * * echo `date` >>/opt/aa03.txt 
30 18 * * * init 0 
[root@client01 opt]# crontab --help 
crontab: invalid option -- '-' 
crontab: usage error: unrecognized option 
usage:    crontab[-u user] file 
       crontab[-u user] [ -e | -l | -r ] 
              (defaultoperation is replace, per 1003.2) 
       -e    (edit user's crontab) 
       -l     (list user's crontab) 
       -r    (delete user's crontab) 
       -i     (prompt before deleting user's crontab) 
       -s    (selinux context) 
[root@client01 opt]# crontab -r 
[root@client01 opt]# crontab -l 
no crontab for root