<p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">1. /var/log/secure records authentication and login access to the system (for example, pop3, ssh, telnet and ftp logins are all recorded here);</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">2. /var/log/btmp records login information in an encoded format, so it must be parsed with lastb;</p><pre class="brush:bash;toolbar:false"># Count failed login attempts per source host (column 3 of lastb output), most frequent first<br/>lastb | awk '{ print $3}' | sort | uniq -c | sort -nr | more<br/></pre><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">3. /var/log/message records almost all errors that occur while the system boots;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">4. /var/log/boot.log records the start and stop messages that services print during boot or shutdown;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">5. /var/log/maillog records mail access and mail traffic;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">6. /var/log/cron records the activity of the crontab (scheduled task) service;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">7. /var/log/lastlog records the most recent login of each user;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">8. /var/log/btmp 
records failed login attempts;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">9. /var/log/dmesg is the kernel log;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">10. /var/log/yum.log records the packages installed with yum;</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">11. /var/log/messages holds the system log. It records all kinds of events, and almost any application can write to it, so it is the first file to check when troubleshooting.</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;"><br/></p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">Linux file systems are said to be better than those of Windows: they do not fragment, which matters especially for servers that run for a long time, and Linux itself does not generate large amounts of junk files the way Windows does. I don't know how credible this claim is! What we can at least be sure of is that the Linux file system is quite good!</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;"><span style="box-sizing: border-box; color: rgb(255, 0, 0);">Wrong</span>:</p><pre class="brush:bash;toolbar:false">rm -f logfile<br/></pre><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">Reason:</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;"> 
The application already holds an open file handle on the log, so deleting the file directly causes the following:</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;"> 1. The application cannot properly release the log file or keep writing to it</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;"> 2. The disk space is shown as not released</p><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;"><span style="box-sizing: border-box; color: rgb(255, 0, 0);">Correct way</span>:</p><pre class="brush:bash;toolbar:false">cat /dev/null > logfile<br/># Example: cat /dev/null > /var/log/messages<br/></pre><p style="box-sizing: border-box; margin-top: 0px; margin-bottom: 18px; line-height: 25px; font-size: 15px; color: rgb(85, 85, 85); font-family: "Microsoft Yahei", 微软雅黑; white-space: normal;">Save the following code as a script file with a .sh extension and schedule it with crontab to clear the logs periodically:</p><pre class="brush:bash;toolbar:false">#!/bin/sh <br/># Truncate each log in place so that running daemons keep their open file handles<br/>cat /dev/null > /var/log/secure <br/>cat /dev/null > /var/log/btmp <br/>cat /dev/null > /var/log/message<br/>cat /dev/null > /var/log/messages <br/>cat /dev/null > /var/log/boot.log <br/>cat /dev/null > /var/log/maillog <br/>cat /dev/null > /var/log/cron<br/>cat /dev/null > /var/log/lastlog <br/>cat /dev/null > /var/log/dmesg <br/>cat /dev/null > /var/log/yum.log<br/></pre><p>Source: https://www.timeblog.cn/article/124.html</p>
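<p>The difference between <code>rm -f logfile</code> and <code>cat /dev/null > logfile</code> described above can be reproduced safely on a temporary file. This is an added example, not part of the original article; the function name, the file name app.log and the "entry N" lines are constructed for illustration, and nothing under /var/log is touched.</p>

```shell
#!/bin/sh
# Added example: shows what a writer with an open handle sees after the
# log is truncated in place versus after the path is removed with rm.
log_cleanup_demo() {
    dir=$(mktemp -d) || return 1
    log="$dir/app.log"

    # Stand-in for a daemon: hold the log open in append mode on fd 9.
    # (A writer opened WITHOUT append mode would keep its old offset and
    # leave a sparse file behind after truncation.)
    exec 9>>"$log"
    echo "entry 1" >&9

    # Truncate in place; same effect as: cat /dev/null > logfile
    : > "$log"
    echo "entry 2" >&9
    after_truncate=$(cat "$log")      # writer still lands in the visible file

    # Keep a reader on the same inode, then unlink the path.
    exec 8<"$log"
    rm -f "$log"
    echo "entry 3" >&9                # still succeeds, but nobody can see it
    if [ -e "$log" ]; then path=present; else path=gone; fi

    # The unlinked inode keeps growing (and occupying disk) until every
    # handle is closed; read it back through the surviving descriptor.
    hidden=$(grep -c 'entry' <&8)

    exec 8<&- 9>&-
    rm -rf "$dir"
    echo "truncate:[$after_truncate] rm:path=$path,lines_in_unlinked_inode=$hidden"
}

log_cleanup_demo
```

<p>On a live system, <code>lsof +L1</code> lists files that have been unlinked but are still held open by a process, which is where the "space not released" symptom comes from.</p>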