|
|
Ubuntu 14.04.6无常规系统日志message日志
& U4 l+ B! W+ Q* n2 H7 broot@controller:~# cd /var/log/
. n1 O7 n7 _& o& C# \" Q2 Aroot@controller:/var/log# ls
! o; e5 F/ R. F5 jalternatives.log boot.log chrony dmesg.0 dmesg.3.gz faillog kern.log syslog unattended-upgrades" f+ q( r' g( `7 F. a# y) |
apt bootstrap.log dist-upgrade dmesg.1.gz dmesg.4.gz fsck landscape ubuntu-advantage.log upstart* k. w' j. {( @5 ~: R
auth.log btmp dmesg dmesg.2.gz dpkg.log installer lastlog udev wtmp
8 } ~( d' t3 H1 _ R; ^
c+ W6 T& A6 v* C默认没有系统日志,和centos系统还是有些区别。7 o {- {3 t" U' d9 x" K8 d
通过网页搜索,显示ubuntu系统默认不开启系统日志。( x1 \3 q. c4 z5 |9 L8 c
因为在 /etc/rsyslog.d/50-default.conf 文件中,将其注释掉了
) @5 k: ?5 [* D) jcat /etc/rsyslog.d/50-default.conf
' R: a3 J9 h* A1 k. o- i, X# Default rules for rsyslog.+ X/ s+ D- A8 q1 }
#
3 l( k9 A' F: x. _/ z# For more information see rsyslog.conf(5) and /etc/rsyslog.conf
1 o4 R, `% v, R# B% \! N) `#" A) M6 Y8 ~6 I; z6 y
# First some standard log files. Log by facility.
( J2 s$ x) q0 V+ Z& p#
% q6 h7 }0 D' a$ r9 Hauth,authpriv.* /var/log/auth.log
] q |! D! F B5 Z8 w) e*.*;auth,authpriv.none -/var/log/syslog$ N' G5 ~; S: \7 K3 o$ l
#cron.* /var/log/cron.log
. k( Z3 t2 U! B$ j# j#daemon.* -/var/log/daemon.log
* C' J; s" k3 |6 `! @kern.* -/var/log/kern.log
, t9 U: b& ] _% E0 g: \#lpr.* -/var/log/lpr.log
3 l& Z4 T4 r; R& e5 I% `( gmail.* -/var/log/mail.log
1 @. P0 @9 @! X, D#user.* -/var/log/user.log
7 T* J& f5 u2 O% F#
6 [ v1 E* T# Z h# Logging for the mail system. Split it up so that
* x* G! \# w9 b4 k# it is easy to write scripts to parse these files.
) x* {& t$ l* j# G% ~# |2 k#1 Y, }9 P+ z: J1 t+ D7 `+ S k
#mail.info -/var/log/mail.info5 u% ^1 H1 [/ R5 y$ r
#mail.warn -/var/log/mail.warn. N( q1 E* X; o
mail.err /var/log/mail.err
( v& D( M( J( R6 L0 l! ^% [# R0 h, x8 p# | c( d, G$ O5 v
# Logging for INN news system.
" L6 t) s% h! l2 _, I2 e#* m9 I0 ?/ U/ s( X, Q
news.crit /var/log/news/news.crit. K% U6 }+ x/ H; n
news.err /var/log/news/news.err
0 c( P! E5 g" j+ P: s3 r9 Rnews.notice -/var/log/news/news.notice
! a+ `; `" }1 |$ J( P# r2 o#- a0 V# @1 {% }, Q ]2 v
# Some "catch-all" log files.. i2 v2 l" ?& h
#5 u- O0 x3 `* Y* @4 Z. \
#*.=debug;\$ q" z) r# R* J T
# auth,authpriv.none;\
- d) y0 A. h& L! f3 W: V* z# news.none;mail.none -/var/log/debug
0 _* }# E7 f' z9 D# I! B; V#*.=info;*.=notice;*.=warn;\, h. O- G$ S: H
# auth,authpriv.none;\
+ {( B* T/ c5 y1 w% P# v# cron,daemon.none;\
# i4 n; ]. D) h$ _7 l. Z f. _# mail,news.none -/var/log/messages
1 h0 A2 x& m4 L9 z, j/ r#
+ e' U; V5 N$ h/ D6 d3 [( Y) w g# Emergencies are sent to everybody logged in.6 l( T1 ~1 u# J) d& q
#) v) G& _* t/ X1 h3 h3 ?/ p
*.emerg :omusrmsg:*
( \, U! q D/ g5 }; _( I#
( O( p3 w) p7 S# I like to have messages displayed on the console, but only on a virtual- R+ c+ o" R3 D) ]
# console I usually leave idle.
- i4 h4 P9 o) _! h! z6 V#
$ d' \2 c* Q2 u0 `. |- V1 V6 v8 I#daemon,mail.*;\; w# n/ ]" J4 ?# v( S; r- P! F3 P2 c
# news.=crit;news.=err;news.=notice;\ Y( h5 H) v, a9 f
# *.=debug;*.=info;\
/ M# e) E* t8 A( m* N) G/ D# *.=notice;*.=warn /dev/tty8
) x, \4 N. O9 f, p% p2 U! t! A: t9 J# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
* z: x2 G9 H$ Z. ^2 n! d2 x! H# you must invoke `xconsole' with the `-file' option:
- r4 T! p; d+ k$ G) o, z#
; J4 i+ ?$ E1 z. B2 A" K# $ xconsole -file /dev/xconsole [...]. x+ l6 u, ~' y& ?) K
# G x3 z% M2 E
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
: J" |9 L s, o0 @. q% p: z# busy site..
5 t6 q6 v* }/ D# Z" R3 ~#
: h" b& `' h" L6 t( i5 ~8 N2 e% X/ Ndaemon.*;mail.*;\. m6 ~7 f4 ]* P. t9 p9 l$ B
news.err;\
3 {; r. s+ F* H *.=debug;*.=info;\
9 H' Z/ I4 e7 D; g* E; L) | *.=notice;*.=warn |/dev/xconsole% u8 g' ~8 p4 j: k9 f
解决办法:0 C* n% }( V. ~2 |/ \
所以需修改该配置文件,将注释放开。" j5 v8 p1 T' L& z9 W
root@controller:/var/log# vim /etc/rsyslog.d/50-default.conf
9 f& X' s9 s1 g' r6 e, X% w/ A' l! e0 E
# Some "catch-all" log files.! n% D% W& P! q- c2 S0 r0 k
#
3 P8 ]- R1 U& ^ B% N*.=debug;\
; v- e0 S8 E- L- w. H" K8 ~ auth,authpriv.none;\- L( o2 k/ U/ ^5 {9 p
news.none;mail.none -/var/log/debug9 @; @' K- c" }; Q2 r; G1 _ e
*.=info;*.=notice;*.=warn;\
9 S9 _& V7 t+ P4 ] auth,authpriv.none;\
: k2 _8 \: W: e* V+ E) o! o6 X cron,daemon.none;\
4 c3 X. I6 T# k mail,news.none -/var/log/messages M9 i8 o4 X) Y$ x% Z5 l
# u j. H5 ~& X5 @% O" u# Q
然后重启rsyslog服务即可:, D& V' m. H. ?9 j7 u2 S
f |( X% P/ F( Croot@controller:/var/log# service rsyslog restart
9 O$ y# [5 A% q6 d) t1 brsyslog stop/waiting
9 f$ q* m. c2 I# L& crsyslog start/running, process 749070 N. H/ M6 }& q' g+ X- Z% E4 J
+ w9 a3 A9 J" M" ^
1 ^" K% P Y7 g1 T1 k8 C
再次查看,就有日志了:
9 v c4 b; ]5 z* ~' w uroot@controller:/var/log# ls9 B* n& U4 x! K4 a
alternatives.log boot.log chrony dmesg.0 dmesg.3.gz faillog kern.log messages udev wtmp5 q% u0 {5 o0 S9 L; K2 ~. x- `+ u
apt bootstrap.log dist-upgrade dmesg.1.gz dmesg.4.gz fsck landscape syslog unattended-upgrades& y$ g s& q$ N4 a
auth.log btmp dmesg dmesg.2.gz dpkg.log installer lastlog ubuntu-advantage.log upstart, p! F7 [0 m6 } i% r. A! E
root@controller:/var/log# - F6 Z- }( i7 g g
1 T J$ u0 L# \5 ^* W7 r1 N* w5 Q6 B7 J6 T5 T$ K" ~! u D; k
问题解决。
* m7 B4 [/ p% U; N
( ]8 Y, N P9 r0 N# n |
|
发表于 2022-1-18 15:00:01