|
|
Ubuntu 14.04.6无常规系统日志message日志
/ A2 x" }( V3 D+ Nroot@controller:~# cd /var/log/4 i7 x. u) A9 w' \
root@controller:/var/log# ls
8 @5 x$ x: {* J, |- kalternatives.log boot.log chrony dmesg.0 dmesg.3.gz faillog kern.log syslog unattended-upgrades3 e; i' c/ w5 `' K, H/ W, u
apt bootstrap.log dist-upgrade dmesg.1.gz dmesg.4.gz fsck landscape ubuntu-advantage.log upstart" K1 [8 j& z8 M2 m" a2 U; Y ^' s
auth.log btmp dmesg dmesg.2.gz dpkg.log installer lastlog udev wtmp
z" C6 R3 I8 e# T! `9 B
& A) a) h2 o! _默认没有系统日志,和centos系统还是有些区别。( d* b3 p0 b0 ~' U
通过网页搜索,显示ubuntu系统默认不开启系统日志。
# Q( c2 v& T. E$ B因为在 /etc/rsyslog.d/50-default.conf 文件中,将其注释掉了% s: P% O& r4 w6 U) {2 x
cat /etc/rsyslog.d/50-default.conf : c! O5 m( M7 d/ y
# Default rules for rsyslog.9 V5 T( V+ t6 K6 E" R1 j" K. J
#& @! B0 e7 k% w* ~/ b# G( U
# For more information see rsyslog.conf(5) and /etc/rsyslog.conf0 g$ d/ W4 G0 k% _' K9 H
#
& n$ U+ P9 o% _1 a# First some standard log files. Log by facility.
" e5 Y) J3 g. J7 S#
& y# N1 E' }% }auth,authpriv.* /var/log/auth.log8 [- H }: ~) K3 [& u
*.*;auth,authpriv.none -/var/log/syslog# j' D, K$ k; A5 c% }# d0 i9 D$ H
#cron.* /var/log/cron.log
' y; d; H( `; A: c8 N1 P! x/ o6 W#daemon.* -/var/log/daemon.log
/ C! f& Y5 w/ W6 E" m2 Xkern.* -/var/log/kern.log& o( I" `% Z* \8 u
#lpr.* -/var/log/lpr.log4 u: _- j! ^) e( `- N$ K Q
mail.* -/var/log/mail.log
1 S1 i: S; F( z/ T+ r. I% k) h#user.* -/var/log/user.log* F) z7 W7 k4 }& i# n y+ l
#) \3 o0 ~' Q) f* k3 V$ ^* g. x* T2 R/ l
# Logging for the mail system. Split it up so that7 L. J# t0 W3 P/ w; F
# it is easy to write scripts to parse these files.' i* `& O u. B+ o) \3 C0 ]3 M
#4 e: S ]# c+ ?- P n s1 t2 `
#mail.info -/var/log/mail.info
5 P9 [; `1 q" ?# B2 l. d#mail.warn -/var/log/mail.warn0 Q$ @9 V1 V3 Z& P
mail.err /var/log/mail.err
8 }. F2 S& r9 ?' i6 E#& ?* u7 P! ?0 v/ N I
# Logging for INN news system.
9 n6 R3 G. |$ `' {4 L$ P5 s! ~( U#0 G3 Y& t: o; S6 h/ ]
news.crit /var/log/news/news.crit
y: e- o e+ ]' z# T B. `news.err /var/log/news/news.err
) e/ ^/ R. g! s r& enews.notice -/var/log/news/news.notice3 \7 s$ m0 m7 \" i9 m
#
, m: m4 g5 `6 v0 C1 A# Some "catch-all" log files.1 ]& ]4 m U# b" n( W
#) l+ \- B7 W2 x$ G
#*.=debug;\
. ]" O6 J3 D$ X' T: v; Z# auth,authpriv.none;\
2 Q- f! t! J: l5 D E2 I# news.none;mail.none -/var/log/debug
; i( p, ?/ t2 @: E9 J#*.=info;*.=notice;*.=warn;\) t' Q9 ]5 \8 N, X+ i4 }; K
# auth,authpriv.none;\! z2 @% c/ l5 |( M: T
# cron,daemon.none;\
_: X; N5 B6 n# mail,news.none -/var/log/messages, M% Y! c2 _- K7 ~
#1 U7 E I+ }0 p4 j
# Emergencies are sent to everybody logged in.1 s; Q3 T. V& n. R/ y$ X
#% G" E" D+ _+ ]) N
*.emerg :omusrmsg:*& ?0 p2 b# Z d- C
#1 _5 _% ?% X c+ p/ n
# I like to have messages displayed on the console, but only on a virtual; N9 l& X- ?/ L$ ?9 _
# console I usually leave idle., x* O0 K) D. o8 V1 _7 e$ O
#$ r2 @ U) t4 d8 a$ G0 \
#daemon,mail.*;\* l& t3 K9 e) ~5 M# c
# news.=crit;news.=err;news.=notice;\) F* _3 d2 e+ \# p. w2 C
# *.=debug;*.=info;\
9 B% i R$ d- R3 R# V# *.=notice;*.=warn /dev/tty8+ e+ M7 H# f4 P; w# z
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it, o: S' Y7 j- X& X
# you must invoke `xconsole' with the `-file' option:. Q P) |0 D8 U4 u
#
% s* H- w; G A' H _3 |0 Y( W9 _8 l# $ xconsole -file /dev/xconsole [...]# P) ~1 h" u% i
#
8 b P; I0 _. T; n/ I" {, Q* d) p C# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
" X8 D- M; ^% F# busy site..
3 c- F' i; a B% S" P. [#4 |6 Q# h% _0 v) U! `" M5 t7 G
daemon.*;mail.*;\6 I4 v, i& ~" s( b6 w- q9 G f" J) c
news.err;\
$ b% T; A8 H& N3 | *.=debug;*.=info;\
5 @ B& A/ v _; N! B) i *.=notice;*.=warn |/dev/xconsole
! u+ Y% G; S) s/ T2 E解决办法:3 F, n3 i4 T h/ Q; x3 p: W6 J
所以需修改该配置文件,将注释放开。! B% ~* M) N. Y; R! q- i6 e
root@controller:/var/log# vim /etc/rsyslog.d/50-default.conf 4 e' d, [. T* f2 E: a- }, Y
; R2 P: s2 L2 g; S5 F& `) |# Some "catch-all" log files.7 E; b9 X! k9 D. D) N/ w6 p
#
1 _, D# N1 ^- x: B' }0 ?1 f*.=debug;\
; x, d& H+ ~ X4 Z auth,authpriv.none;\. O% X# X; Z0 R3 ^
news.none;mail.none -/var/log/debug/ v" J- q# S( u: J
*.=info;*.=notice;*.=warn;\
7 Y. A5 h1 Q& |" P$ s( }& Q auth,authpriv.none;\
, j. O; E9 K3 [) c& {+ H cron,daemon.none;\
) J# q8 y, S8 d/ P z mail,news.none -/var/log/messages8 T1 x% E2 r7 T7 H5 q$ t* i
% o) d- @" @+ `4 f: T9 M) m' k然后重启rsyslog服务即可:1 E; D- y+ Q& h$ h; h
& P+ l$ `5 W! j& k$ y5 ~
root@controller:/var/log# service rsyslog restart + k) f6 S; p, O4 ?* o! b
rsyslog stop/waiting
+ \" n2 U1 U% K0 w0 V! @& F. Wrsyslog start/running, process 74907+ i+ s: `7 s& d: ~; \' I
9 q; n7 m, N; C' }! D; c
0 c5 h) I8 n6 i3 ]/ r/ Y再次查看,就有日志了:; j7 ?( N* H6 ]$ n7 r
root@controller:/var/log# ls+ x* S: a& }/ Q5 l: u% R9 \3 T8 n
alternatives.log boot.log chrony dmesg.0 dmesg.3.gz faillog kern.log messages udev wtmp
r% T8 C6 h* M. c9 j. J8 iapt bootstrap.log dist-upgrade dmesg.1.gz dmesg.4.gz fsck landscape syslog unattended-upgrades4 \9 D+ p5 _: w0 y$ K
auth.log btmp dmesg dmesg.2.gz dpkg.log installer lastlog ubuntu-advantage.log upstart& o. ] _7 F( i# O- k. c0 t8 t7 z
root@controller:/var/log#
+ U2 g# s& G! O7 W8 Y6 |; ^( [
- u. y8 l% `3 X6 P, I6 i% v7 B B. Y
问题解决。' X' Q ~% N! b
) P& D1 m( [% J+ b, Q& _5 n |
|
发表于 2022-1-18 15:00:01