|
|
Ubuntu 14.04.6无常规系统日志message日志
* R( F5 `2 b" ~4 b( \" aroot@controller:~# cd /var/log/
) H s" w b' l1 [root@controller:/var/log# ls
7 w7 L6 V9 m" |4 a) W8 ~/ L0 |4 galternatives.log boot.log chrony dmesg.0 dmesg.3.gz faillog kern.log syslog unattended-upgrades
- g' J, I; V8 w, vapt bootstrap.log dist-upgrade dmesg.1.gz dmesg.4.gz fsck landscape ubuntu-advantage.log upstart6 V, N3 r! \0 c# a+ _# g! U. ]# R# `
auth.log btmp dmesg dmesg.2.gz dpkg.log installer lastlog udev wtmp' e& e/ Y3 ]" Z1 A8 M8 P# d
0 q8 p; [0 P C% N默认没有系统日志,和centos系统还是有些区别。
7 b# J/ }- v. R1 o* W; h通过网页搜索,显示ubuntu系统默认不开启系统日志。
+ A# W0 R/ Z# A3 G( o3 }9 D因为在 /etc/rsyslog.d/50-default.conf 文件中,将其注释掉了
5 R5 v8 K# j+ P" T2 v( kcat /etc/rsyslog.d/50-default.conf 2 j4 b. h& }9 ~
# Default rules for rsyslog.
! p: T" u' r9 G3 t#6 W9 D8 o8 L4 t9 Z9 w0 l
# For more information see rsyslog.conf(5) and /etc/rsyslog.conf/ a/ } `+ v' I$ p J
#
9 D3 t, X* ]4 d) q3 X# First some standard log files. Log by facility.5 b Z1 w2 q5 x& J
#) r2 g. G% Q: E
auth,authpriv.* /var/log/auth.log
1 v! P# T. O, G*.*;auth,authpriv.none -/var/log/syslog2 q* U4 n: p2 r
#cron.* /var/log/cron.log& E: r3 ~' L: ], n4 v" \
#daemon.* -/var/log/daemon.log
K5 U7 ~" J- U$ P7 x6 A/ nkern.* -/var/log/kern.log! ]3 U* y; `7 p! q4 z* a T
#lpr.* -/var/log/lpr.log) g$ ]9 C; H- {/ Y5 x" W4 S
mail.* -/var/log/mail.log
: g$ L6 ^& \* a/ x0 C' k#user.* -/var/log/user.log
, Z" {4 D! @$ w: D0 r N#
( z* w2 _; r5 S# Logging for the mail system. Split it up so that* e% E. |! W3 W1 o, m' Z* H$ B6 e4 F
# it is easy to write scripts to parse these files.
1 n# V( i3 R: S: t- C: }#
. B9 l# h7 B8 F/ S' t! N; D$ S#mail.info -/var/log/mail.info
3 }0 W$ Y8 [# u7 \9 O8 K#mail.warn -/var/log/mail.warn
1 o) z, v) r2 j* ~- u. Rmail.err /var/log/mail.err2 ?1 Y( r$ K# y" H
#4 G1 \# S% x# _4 l
# Logging for INN news system.
5 T# ^& J* T0 [; h#; T8 S# v# P) k! I3 d! J! L) |) B
news.crit /var/log/news/news.crit
9 c. p! ~) Z% _' x5 b5 Q/ T* anews.err /var/log/news/news.err, b" s) b2 C9 f
news.notice -/var/log/news/news.notice
% n; L3 q, n. M9 X, x6 }/ z#
- b2 v' A7 ~+ E" ^$ m2 ^# Some "catch-all" log files.; O9 D6 g, r& Y1 w. E( T5 G
#7 x% V' y# m, O+ L8 W
#*.=debug;\
) H, |2 n. U6 }# auth,authpriv.none;\% o# q1 h$ _; `" G$ U" y0 |
# news.none;mail.none -/var/log/debug
6 F3 D* v8 o2 V3 w( S1 D9 u#*.=info;*.=notice;*.=warn;\
$ K& w8 A# J% o' C& I' \# auth,authpriv.none;\
0 p$ y/ F: K2 U9 e# cron,daemon.none;\
4 L! X) ?3 p0 a5 Y L# mail,news.none -/var/log/messages
( x( ^( s- C5 P+ C#% j) M. p+ _6 L2 K
# Emergencies are sent to everybody logged in.
& z7 P; A" Y, t9 h1 b#
: ~0 e1 [6 R2 Z' {7 g$ k( {8 X*.emerg :omusrmsg:** @5 d: f, R0 m/ x# ^- @- j9 f
#
# J8 v( W! o% s2 V3 D7 T# I like to have messages displayed on the console, but only on a virtual/ U: ]7 [ H) L! D$ t
# console I usually leave idle.! M. q5 X8 {! q3 \/ ]2 x) s M
#3 {0 r: A+ L0 S0 K( C
#daemon,mail.*;\+ ^1 c# ^+ H' Y4 `$ V
# news.=crit;news.=err;news.=notice;\
; p8 i7 m$ M% m9 `# *.=debug;*.=info;\
3 J! }" B/ f8 K4 A- w! x# *.=notice;*.=warn /dev/tty8
& R) ^& T* J5 S- N3 U ]5 Y# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,0 t3 w# J& e0 o% m
# you must invoke `xconsole' with the `-file' option:* |6 @4 g& V* h, S0 R
# : o) j1 Y7 S, N3 ]3 }8 }1 p
# $ xconsole -file /dev/xconsole [...]/ H2 n: y1 z j+ R. p q
#
, I2 P: Q2 \; b# k) z2 w# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# s( Q) B# z. I# busy site..! w0 f! r& Z7 i; j( a* k
#, K4 E$ n( Y- b# k/ ^. \* ?/ v
daemon.*;mail.*;\
5 P, B2 `* u7 V3 G news.err;\
h# M4 ? q# R3 Q: j/ Q' f *.=debug;*.=info;\9 }4 _2 z' ^3 s0 F$ G0 `) j
*.=notice;*.=warn |/dev/xconsole3 D/ U" B C9 c# P! G" w- _
解决办法:" w# i" j5 v0 j! S" l2 l: j [
所以需修改该配置文件,将注释放开。
8 O' \9 y* P" P' rroot@controller:/var/log# vim /etc/rsyslog.d/50-default.conf ) P0 S, Q' b& V( O4 ]% x
2 D b7 E- ?, W1 W5 m- Y2 I4 |# Some "catch-all" log files.
, R5 M$ x6 m4 L h p5 n& A#6 V- U: j5 ^( A7 o" C3 P$ u
*.=debug;\
0 F8 K% q" ?' q8 } auth,authpriv.none;\$ N+ x8 j$ I. r2 v
news.none;mail.none -/var/log/debug j7 }# O" h9 R% q
*.=info;*.=notice;*.=warn;\
, ~4 _% H n7 P% u' V auth,authpriv.none;\! J0 l; T$ [# S4 ~9 z* V
cron,daemon.none;\
( s3 Q7 n1 C( N" B! A1 l9 U mail,news.none -/var/log/messages9 e* a# }3 y- e% J% f3 Z
) L- Y! o4 p- d1 Z1 e$ @8 p8 J
然后重启rsyslog服务即可:
! u: ?, d/ F' ]( ]0 \! X7 d- h" r8 @; g0 {2 {, s7 B A
root@controller:/var/log# service rsyslog restart " W' @) d' p8 _" @9 ^! V7 v# `
rsyslog stop/waiting9 g* V: t5 V# w, Z1 w! W6 l
rsyslog start/running, process 74907
! T* [* A$ ?" B" Z3 x8 _6 t, V8 @$ J. X' n, }0 U: G p+ q
- f$ D* Q5 B" P9 q, I! M7 f2 m
再次查看,就有日志了:# a+ I$ z4 S' |9 _) \
root@controller:/var/log# ls" t O" y w% W' n
alternatives.log boot.log chrony dmesg.0 dmesg.3.gz faillog kern.log messages udev wtmp
! q3 l; k5 ^* W# _; C! b' Bapt bootstrap.log dist-upgrade dmesg.1.gz dmesg.4.gz fsck landscape syslog unattended-upgrades3 f$ o; s4 q; ` m
auth.log btmp dmesg dmesg.2.gz dpkg.log installer lastlog ubuntu-advantage.log upstart
7 \$ t! ]( v3 V8 jroot@controller:/var/log#
2 u; N" w. _' ?4 P! T
1 v+ T2 M& w1 u4 d! ]# m0 C% F: s: _! J7 J. m. o
问题解决。
# d1 {- D" D7 O0 X3 ^' L5 N( G. Q' w1 M' P0 v* x" L! f& o
|
|
发表于 2022-1-18 15:00:01