Week 9 for CIS126DL Linux Course
Overview
Logs, Process Management, system tuning/monitoring
The following commands/programs will be used/discussed this week:
/var/log
ps -aux (-ef on Solaris)
top
jobs
kill, kill -9, kill -l
SIGHUP (kill -1) vs nohup
^z and &
bg fg
nice
grep, sort, uniq, wc -l and awk '{print $1}' (-F sets the field separator)
/proc
rsyslog.conf (man rsyslog.conf)
/etc/logrotate.d
/etc/log.d/logwatch.conf (need to run yum install logwatch first)
tail -f
grep and grep -v (and the pipe | )
netstat, netstat -tupan, netstat -rn
hdparm -t and hdparm -I
hddtemp
Questions
Why is it important to monitor logs on your system?
What is kept in /var/log/messages? In secure? In xferlog?
Where are the Apache log files?
You want to find all entries for a particular user in a log file
(we'll say messages). How would you do it?
You want to find all the processes for a user, again, how?
If you do kill -l (L not 1) you get a list of different signals sent
to programs. What is SIGHUP? SIGKILL? SIGTERM? Which is the default?
If you see a program set to a niceness of -19, why is that potentially bad? Why do
you adjust the niceness anyhow?
What is rsyslog.conf? (man rsyslog.conf)
What is rsyslog?
What files/directories control how logs rotate?
What information is kept in the /proc files?
How would you get a particular column of a log file to be the only thing
printed?
For Apache, what is kept in the error_log? referrer_log? access_log?
agent_log?
For true security, what should you do with your logs in a cron job?
Activities & Assignments
- Run yum install logwatch and check out the logwatch config.
- Using ps and grep, find the commands being run by root. Then by
nobody.
- Look through the messages log. What happens in the log when you su?
- Use tail -f /var/log/xferlog and have a friend ftp to your IP address.
What do you see?
- Have your classmate log into a user account you made for them using
ssh -l username IPADDRESS and see what shows up in /var/log/secure, /var/log/messages, and netstat.
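
An added example (not part of the original course page) of the grep / awk / sort / uniq / wc -l pipeline from this week's command list, run over constructed sshd-style lines of the kind found in /var/log/secure. The function names and the sample log lines are assumptions made up for illustration.

```shell
#!/bin/sh
# Constructed sample lines in the style of /var/log/secure (not real log data).
sample_log() {
cat <<'EOF'
Mar  3 10:01:12 host1 sshd[2101]: Failed password for invalid user admin from 192.0.2.10 port 51122 ssh2
Mar  3 10:01:15 host1 sshd[2101]: Failed password for root from 192.0.2.10 port 51123 ssh2
Mar  3 10:02:40 host1 sshd[2144]: Accepted password for student1 from 198.51.100.7 port 40022 ssh2
Mar  3 10:03:02 host1 su: pam_unix(su:session): session opened for user root by student1(uid=1000)
Mar  3 10:05:19 host1 sshd[2190]: Failed password for student1 from 203.0.113.5 port 60001 ssh2
Mar  3 10:05:25 host1 sshd[2190]: Failed password for root from 192.0.2.10 port 51130 ssh2
EOF
}

# Count failed SSH password attempts per source address, busiest first.
# Reads log lines on stdin; prints one "COUNT ADDRESS" pair per line.
failed_by_ip() {
    grep 'Failed password' |
    awk '{ for (i = 1; i < NF; i++) if ($i == "from") print $(i + 1) }' |
    sort | uniq -c | sort -rn |
    awk '{ print $1, $2 }'      # strip the padding that uniq -c adds
}

# Count lines that mention a user but are not failed logins (grep -v).
# -F treats the name as a literal string, -w matches whole words only,
# so a user name is never interpreted as a regular expression.
user_non_failures() {
    grep -F -w -- "$1" | grep -v 'Failed password' | wc -l | tr -d ' '
}

# Demo run on the constructed sample.
sample_log | failed_by_ip
echo "student1 non-failure entries: $(sample_log | user_non_failures student1)"
```

On a live system, replace `sample_log |` with a redirect from the log file, for example `failed_by_ip < /var/log/secure`, run as a user allowed to read it.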
Resources
Check out the various web page resources on the Linux System Administration home page.