jjasghar Guru
Joined: 07 Mar 2004 Posts: 342 Location: $HOME=/usa/tx/austin
Posted: Mon Mar 29, 2004 6:41 am Post subject: Logs for newbies
Ok, I've got a nice newbie question that doesn't really seem to be discussed anywhere to the extent that a n00b needs to understand. *nix is famous for its ability to log basically EVERYTHING, which is awesome. But the problem is I have no idea how to read them, or get the fullest knowledge of what's going on out of them.
I read /var/log/everything/current and found this:
Code:
Mar 28 23:00:00 [CRON] (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )_
- Last output repeated 3 times -
Mar 28 23:55:18 [gconfd (jj-16638)] starting (version 2.4.0.1), pid 16638 user 'jj'
Mar 28 23:55:19 [gconfd (jj-16638)] Resolved address "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only config source at position 0
Mar 28 23:55:19 [gconfd (jj-16638)] Resolved address "xml:readwrite:/home/jj/.gconf" to a writable config source at position 1
Mar 28 23:55:19 [gconfd (jj-16638)] Resolved address "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only config source at position 2
Mar 29 00:00:00 [CRON] (root) CMD (rm -f /var/spool/cron/lastrun/cron.hourly)_
Mar 29 00:00:00 [CRON] (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )_
- Last output repeated twice -
Mar 29 00:27:06 [su(pam_unix)] session opened for user root by (uid=1000)
Mar 29 00:30:00 [CRON] (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )_
WTF does all this mean?
Also, what other logs should I start checking? Take me as a dolt here, people, because this is something that I've never gotten, but I know I need to. On reading logs, would it be a good idea to use tail -f /var/log/xxx? Or something else?
I know there are n00bs out there that are afraid of reading the logs, so let me forge a path for them.
_________________
#include <LinuxUser #324070>
main()
{
printf("and i'm sorry my spellign sucs.");
}
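Added example (not part of the original thread): a small shell/awk filter for the log layout pasted in the post above. It tallies entries per program and prints any su session opened for root. The helper names summarize_log and sample_log are hypothetical, the sample lines are copied from the post, and counting "repeated N times" as N further entries is an assumption.

```shell
#!/bin/sh
# Added example, not from the thread. Handles the layout pasted above:
#   "Mon DD HH:MM:SS [program] message"
#   "- Last output repeated N times -"   (refers to the entry before it)

# Constructed sample: five lines copied from the post.
sample_log() {
    cat <<'EOF'
Mar 28 23:00:00 [CRON] (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )_
- Last output repeated 3 times -
Mar 28 23:55:18 [gconfd (jj-16638)] starting (version 2.4.0.1), pid 16638 user 'jj'
Mar 29 00:00:00 [CRON] (root) CMD (rm -f /var/spool/cron/lastrun/cron.hourly)_
Mar 29 00:27:06 [su(pam_unix)] session opened for user root by (uid=1000)
EOF
}

# summarize_log [FILE...]: hypothetical helper; reads stdin when no file is given.
# Prints "COUNT program n" per program and "ROOT-SESSION ..." for su-to-root.
summarize_log() {
    awk '
    # Repeat marker: assumed to mean N further copies of the previous entry.
    /^- Last output repeated/ {
        n = ($5 == "twice") ? 2 : $5 + 0
        if (last != "") count[last] += n
        next
    }
    # Regular entry: the program tag is the first [...] group on the line.
    match($0, /\[[^]]+\]/) {
        tag = substr($0, RSTART + 1, RLENGTH - 2)
        msg = substr($0, RSTART + RLENGTH + 1)
        sub(/ ?\(.*$/, "", tag)   # "gconfd (jj-16638)" -> "gconfd"
        last = tag
        count[tag]++
        # pam_unix logs this when a user becomes root through su.
        if (tag == "su" && msg ~ /session opened for user root/)
            print "ROOT-SESSION", $1, $2, $3, msg
        next
    }
    END { for (t in count) print "COUNT", t, count[t] }
    ' "$@" | LC_ALL=C sort
}

sample_log | summarize_log
```

On a real system the same function takes the log file as its argument, for example `summarize_log /var/log/everything/current`.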
Boohbah Apprentice
Joined: 17 Oct 2003 Posts: 250 Location: Seattle
Posted: Mon Mar 29, 2004 6:52 am
I use logwatch to send a summary of my logs to my email every day.
_________________
Never try to explain computers to a layman. It's easier to explain sex to a virgin.
-- Robert Heinlein
(Note, however, that virgins tend to know a lot about computers.)
ett_gramse_nap Apprentice
Joined: 01 Oct 2003 Posts: 252 Location: Göteborg, Sweden
Posted: Mon Mar 29, 2004 7:04 am
kraid wrote: I use logwatch to send a summary of my logs to my email every day.
Sounds interesting. I might try that when I come home...
_________________
Don't bother!
jjasghar Guru
Joined: 07 Mar 2004 Posts: 342 Location: $HOME=/usa/tx/austin
Posted: Tue Mar 30, 2004 2:44 am
Any chance anyone has a good link for an idiot's guide to log management? I've looked at logwatch but haven't spent time working it out... I will, don't get me wrong, but I'd like a foundation knowledge too.
Thanks
Boohbah Apprentice
Joined: 17 Oct 2003 Posts: 250 Location: Seattle
Posted: Tue Mar 30, 2004 3:46 am
Check out http://www.gentoo.org/doc/en/gentoo-security.xml under section 4, More Logging. It has a good sample config for syslog-ng, which is the logger I use.