Link playlist
Red Hat Enterprise Linux Administration
2023 12 06 13 04 25
Live Log File Monitoring
When you are configuring services on Linux, it might be useful
to see in real time what is happening. You could, for example,
open two terminal sessions at the same time. In one terminal
session, you configure and test the service. In the other terminal
session, you see in real time what is happening. The tail -f
logfile command shows in real time which lines are added to
the log file. Exercise 13-1 in the following section shows a small
example in which tail -f is used. When you’re monitoring a log
file with tail -f, the trace remains open until you press Ctrl-C to
close it.
Using logger
Most services write information to the log files all by
themselves or through rsyslogd. The logger command enables
users to write messages to rsyslog from the command line or a
script. Using this command is simple. Just type logger, followed
by the message you want to write to the logs. The logger utility,
in this way, offers a convenient solution to write messages from
scripts. This allows you to have a script write to syslog if
something goes wrong.
When using logger, you can also specify the priority and facility
to log to. The command logger -p kern.err hello writes hello to
the kernel facility, for example, using the error priority (priority
and facility are discussed in more detail later in this chapter).
This option enables you to test the working of specific rsyslog
facilities. In Exercise 13-1, you use tail -f to monitor a log file in
real time and use logger to write log messages to a log file.
Exercise 13-1 Using Live Log Monitoring and logger
1. Open a root shell.
2. From the root shell, type tail -f /var/log/messages.
3. Open a second terminal window. In this terminal window,
type su – student to open a subshell as user student.
4. Type su – to open a root shell, but enter the wrong password.
5. Look at the file /var/log/messages. You see an error message
was logged here.
6. From the student shell, type logger hello. You’ll see the
message appearing in the /var/log/messages file in real time.
7. In the tail -f terminal, press Ctrl-C to stop tracing the
messages file.
8. Type tail -20 /var/log/secure. This shows the last 20 lines in
/var/log/secure, which also shows the messages that the su –
password errors have generated previously.
[ad_2]
source
