m |
|||
(35 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | + | === Log === | |
+ | You can see various logs that are located in each device using the <code>show log</code> command. | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log {name} [-h] [-n NUMBER] [-w] [keyword] | ||
+ | optional arguments: | ||
+ | -h, --help show this help message and exit | ||
+ | -n [NUMBER], --number [NUMBER] enter 0 to show all logs, and enter a value greater than 0 to show as much as the value entered | ||
+ | -w, --watch show the log or setup status in real time | ||
+ | </pre> | ||
+ | The below table shows you all kinds of logs. Some logs are generated in real-time during the runtime of a specific service, which is called "[[CLI_-_Services(daemons)#Runtime_Log | Runtime log]]". | ||
+ | |||
+ | If the [[CLI_-_Services(daemons)#Runtime_Log | Runtime log]] of a specific service is disabled, logs are not generated. | ||
+ | Therefore, you should verify the status of the Runtime log by the <code>show service</code> command. If disabled, you need to [[CLI_-_Services(daemons)#Runtime_Log | enable]] it. | ||
+ | |||
+ | {| class="wikitable" | ||
+ | ! style='width:150px' | log name !! log description | ||
+ | |- | ||
+ | | apache2 || It is the apache2 access log. | ||
+ | |- | ||
+ | | dhcpv4 || It is the logs that were generated in real-time during the runtime of the [[ImRAD services(daemons) | dhcpv4]] service. | ||
+ | |- | ||
+ | | dhcpv6 || It is the logs that were generated in real-time during the runtime of the [[ImRAD services(daemons) | dhcpv6]] service. | ||
+ | |- | ||
+ | | failover || It is the logs that were generated in real-time during the runtime of the [[ImRAD services(daemons) | failover]] service. | ||
+ | |- | ||
+ | | logexp || It is the logs that were generated in real-time during the runtime of the [[ImRAD services(daemons) | logexp]] service. | ||
+ | |- | ||
+ | | lsyslog || It is the Syslog generated from the imRAD services. | ||
+ | |- | ||
+ | | mysqlerror || It is the MySQL error log. | ||
+ | |- | ||
+ | | mysqlslow || It is the MySQL slow log. | ||
+ | |- | ||
+ | | radius || It is the logs that were generated in real-time during the runtime of the [[ImRAD services(daemons) | radiusd]] service. | ||
+ | |- | ||
+ | | smgr|| It is the logs that were generated in real-time during the runtime of the [[ImRAD services(daemons) | smgr]] service. | ||
+ | |- | ||
+ | | startup|| It is the logs that were generated in real-time during the runtime of the [[ImRAD services(daemons) | startup]] service. | ||
+ | |- | ||
+ | | syslog|| It is the Syslog. | ||
+ | |- | ||
+ | | ufw || It is logs of all blocked packets not matching the defined [[CLI - ufw | ufw]] policy. | ||
+ | |- | ||
+ | | update|| It is the System update log. | ||
+ | |- | ||
+ | |} | ||
+ | |||
+ | ==== Displaying logs ==== | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log apache2 // Display all apache2 logs | ||
+ | LYSH@MyHostName# show log radius // Display all radius logs | ||
+ | </pre> | ||
+ | |||
+ | ==== Displaying last n logs ==== | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log apache2 -n 10 // Display only the last 10 apache2 logs | ||
+ | LYSH@MyHostName# show log radius -n 10 // Display only the last 10 radius logs | ||
+ | </pre> | ||
+ | |||
+ | ==== Displaying last n logs with keyword ==== | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log apache2 -n 10 request // Display only the last 10 apache2 logs filtered by "request" | ||
+ | LYSH@MyHostName# show log radius -n 10 accept // Display only the last 10 radius logs filtered by "request" | ||
+ | </pre> | ||
+ | |||
+ | ==== Displaying logs in real-time ==== | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log apache2 -w // Display the apache2 logs in real-time | ||
+ | LYSH@MyHostName# show log radius -w // Display the radius logs in real-time | ||
+ | </pre> | ||
+ | |||
+ | ==== Displaying logs in real-time with keyword ==== | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log apache2 -w request // Display the apache2 logs filtered by "request" in real-time | ||
+ | LYSH@MyHostName# show log radius -w accept // Display the radius logs filtered by "accept" in real-time | ||
+ | </pre> | ||
+ | |||
+ | ==== keyword with logical operator ==== | ||
+ | The <code>&</code> is the logical "AND" operator and the <code>|</code> is the logical "OR" operator. | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log "request&reply" // Display the apache2 logs having both "request" and "reply" | ||
+ | LYSH@MyHostName# show log "request|reply" // Display the apache2 logs having either "request" or "reply" | ||
+ | </pre> | ||
+ | |||
+ | {{note|Note that you'd better put a keyword in quotation marks.}} | ||
+ | |||
+ | ==== log files ==== | ||
+ | To list all log files, enter the <code>show log files</code> command in the user mode. If you want to delete some log files to increase disk space, use the <code>[[CLI_-_System#storage|system storage cleanup]]</code> command. | ||
+ | <pre> | ||
+ | LYSH@MyHostName# show log files | ||
+ | 355M 2021-05-13 17:20 LOG | ||
+ | .... | ||
+ | 3.0M 2021-05-13 17:20 LOG/apache2/access.log | ||
+ | 1.7M 2021-05-12 23:59 LOG/apache2/access.log.1 | ||
+ | 68K 2021-05-11 18:36 LOG/apache2/access.log.2.gz | ||
+ | .... | ||
+ | 1.1M 2021-05-11 16:23 LOG/imrad/ly_dhcpv4.log | ||
+ | 7.3M 2021-05-13 17:20 LOG/imrad/ly_dhcpv6.log | ||
+ | 2.3M 2021-05-13 17:20 LOG/imrad/ly_logexp.log | ||
+ | 4.2M 2021-05-13 17:18 LOG/imrad/ly_smgr.log | ||
+ | 1.4M 2021-05-13 17:20 LOG/imrad/ly_startup.log | ||
+ | </pre> | ||
+ | ===== Reading logs from a file ===== | ||
+ | After list up all log files, you can read logs from a specific file using <code>show log -o {filename}</code> command. | ||
<pre> | <pre> | ||
− | LYSH@MyHostName# show log - | + | LYSH@MyHostName# show log -o LOG/imrad/access.log.2.gz |
− | + | 192.168.0.11 - - [11/May/2021:18:36:50 +0900] "GET /header/postsys HTT.. | |
+ | 192.168.0.23 - - [11/May/2021:16:11:50 +0900] "POST /rad/account HTTP/1.1" 200 ... | ||
+ | 192.168.0.23 - - [11/May/2021:18:35:50 +0900] "GET /header/postsys HTTP/1.1... | ||
+ | 192.168.0.11 - - [11/May/2021:18:35:50 +0900] "GET /header/post HTTP/1.... | ||
+ | |||
+ | LYSH@MyHostName# show log -o LOG/imrad/access.log.2.gz -f post | ||
+ | 192.168.0.23 - - [11/May/2021:16:11:50 +0900] "POST /rad/account HTTP/1.1" 200 ... | ||
+ | </pre> | ||
+ | |||
+ | ==== Configuration ==== | ||
+ | |||
+ | ===== loghost ===== | ||
+ | It is the configuration for Syslog to log remotely. We term such remote log server "loghost".If there is the same "loghost", it overwrites to the new one. | ||
− | + | <pre> | |
− | + | LYSH@MyHostName# configure | |
− | + | LYSH@MyHostName(config)# loghost add -h | |
− | + | usage: loghost add [-h] <A.B.C.D|WORD> [<[1-65535]>] [<[WORD]>] | |
− | + | </pre> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | To send all logs to the remote server whose address is 192.168.0.100 and port is the default Syslog port(514). | |
− | + | <pre> | |
+ | LYSH@MyHostName(config)# loghost add 192.168.0.100 | ||
+ | </pre> | ||
+ | To send all logs to the remote server whose address is 192.168.0.100 and port is 1000. | ||
+ | <pre> | ||
+ | LYSH@MyHostName(config)# loghost add 192.168.0.100 1000 | ||
</pre> | </pre> | ||
− | + | To send logs whose level is greater than or equal to "notice" to the remote server whose address is 192.168.0.100 and port is 1000. | |
− | |||
− | |||
− | |||
− | |||
<pre> | <pre> | ||
− | + | LYSH@MyHostName(config)# loghost add 192.168.0.100 1000 notice | |
+ | </pre> | ||
− | + | To verify loghost, enter the <code>show loghost</code> in the user mode. | |
− | + | <pre> | |
+ | LYSH@MyHostName# show loghost | ||
+ | *.notice @192.168.0.100:1000 | ||
+ | </pre> | ||
− | + | ===== rotate ===== | |
− | + | It configures the logroate<ref>https://linux.die.net/man/8/logrotate</ref> that allows automatic rotation, compression, and removal of log files.<br> | |
− | + | You can configure it by entering <code>log roate {size} {roate}</code> command in the configuration mode. In this command, it needs two arguments that are | |
− | + | * size: With this, the log file is rotated when the specified size is reached. Size may be specified in bytes, kilobytes (sizeK), megabytes (sizeM), or gigabytes (sizeG) | |
+ | * rotate: This specifies the number of times to rotate a file before it is deleted. For example, A count of 5 means five copies are retained.<ref>http://linuxnextgen.blogspot.com/2011/04/logrotate-in-linux.html</ref> | ||
+ | |||
+ | To verify current configuration, enter the <code>show system rotate</code> command in the user mode. | ||
+ | <pre> | ||
+ | LYSH@MyHostName# configure | ||
+ | LYSH@MyHostName(config)# log roate 1G 3 | ||
+ | LYSH@MyHostName(config)# exit | ||
+ | LYSH@MyHostName# show system rotate | ||
+ | log rotate : size:1G rotate:3 | ||
</pre> | </pre> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ===== sort ===== | |
+ | You can specify the order of logs display. This configuration affects when if you execute the <code>show log</code> command without -w option. you can verify current setting by executing <code>show system logsort</code>. If the sort is "desc," it shows logs in descending order. If the sort is "asc", it shows logs in ascending order. | ||
+ | LYSH@MyHostName# show system logsort | ||
+ | logsort : desc // logs are shown in descending order. | ||
+ | |||
+ | You can change the order in the configuration mode. | ||
+ | LYSH@MyHostName# configure | ||
+ | LYSH@MyHostName(config)# log sort asc | ||
+ | LYSH@MyHostName(config)# exit | ||
+ | LYSH@MyHostName# show system logsort | ||
+ | logsort : asc // logs are shown in descending order. |
Latest revision as of 10:49, 28 January 2022
Log
You can see various logs that are located in each device using the show log
command.
LYSH@MyHostName# show log {name} [-h] [-n NUMBER] [-w] [keyword] optional arguments: -h, --help show this help message and exit -n [NUMBER], --number [NUMBER] enter 0 to show all logs, and enter a value greater than 0 to show as much as the value entered -w, --watch show the log or setup status in real time
The below table shows you all kinds of logs. Some logs are generated in real-time during the runtime of a specific service, which is called " Runtime log".
If the Runtime log of a specific service is disabled, logs are not generated.
Therefore, you should verify the status of the Runtime log by the show service
command. If disabled, you need to enable it.
log name | log description |
---|---|
apache2 | It is the apache2 access log. |
dhcpv4 | It is the logs that were generated in real-time during the runtime of the dhcpv4 service. |
dhcpv6 | It is the logs that were generated in real-time during the runtime of the dhcpv6 service. |
failover | It is the logs that were generated in real-time during the runtime of the failover service. |
logexp | It is the logs that were generated in real-time during the runtime of the logexp service. |
lsyslog | It is the Syslog generated from the imRAD services. |
mysqlerror | It is the MySQL error log. |
mysqlslow | It is the MySQL slow log. |
radius | It is the logs that were generated in real-time during the runtime of the radiusd service. |
smgr | It is the logs that were generated in real-time during the runtime of the smgr service. |
startup | It is the logs that were generated in real-time during the runtime of the startup service. |
syslog | It is the Syslog. |
ufw | It is logs of all blocked packets not matching the defined ufw policy. |
update | It is the System update log. |
Displaying logs
LYSH@MyHostName# show log apache2 // Display all apache2 logs LYSH@MyHostName# show log radius // Display all radius logs
Displaying last n logs
LYSH@MyHostName# show log apache2 -n 10 // Display only the last 10 apache2 logs LYSH@MyHostName# show log radius -n 10 // Display only the last 10 radius logs
Displaying last n logs with keyword
LYSH@MyHostName# show log apache2 -n 10 request // Display only the last 10 apache2 logs filtered by "request" LYSH@MyHostName# show log radius -n 10 accept // Display only the last 10 radius logs filtered by "request"
Displaying logs in real-time
LYSH@MyHostName# show log apache2 -w // Display the apache2 logs in real-time LYSH@MyHostName# show log radius -w // Display the radius logs in real-time
Displaying logs in real-time with keyword
LYSH@MyHostName# show log apache2 -w request // Display the apache2 logs filtered by "request" in real-time LYSH@MyHostName# show log radius -w accept // Display the radius logs filtered by "accept" in real-time
keyword with logical operator
The &
is the logical "AND" operator and the |
is the logical "OR" operator.
LYSH@MyHostName# show log "request&reply" // Display the apache2 logs having both "request" and "reply" LYSH@MyHostName# show log "request|reply" // Display the apache2 logs having either "request" or "reply"
Note that you'd better put a keyword in quotation marks.
log files
To list all log files, enter the show log files
command in the user mode. If you want to delete some log files to increase disk space, use the system storage cleanup
command.
LYSH@MyHostName# show log files 355M 2021-05-13 17:20 LOG .... 3.0M 2021-05-13 17:20 LOG/apache2/access.log 1.7M 2021-05-12 23:59 LOG/apache2/access.log.1 68K 2021-05-11 18:36 LOG/apache2/access.log.2.gz .... 1.1M 2021-05-11 16:23 LOG/imrad/ly_dhcpv4.log 7.3M 2021-05-13 17:20 LOG/imrad/ly_dhcpv6.log 2.3M 2021-05-13 17:20 LOG/imrad/ly_logexp.log 4.2M 2021-05-13 17:18 LOG/imrad/ly_smgr.log 1.4M 2021-05-13 17:20 LOG/imrad/ly_startup.log
Reading logs from a file
After list up all log files, you can read logs from a specific file using show log -o {filename}
command.
LYSH@MyHostName# show log -o LOG/imrad/access.log.2.gz 192.168.0.11 - - [11/May/2021:18:36:50 +0900] "GET /header/postsys HTT.. 192.168.0.23 - - [11/May/2021:16:11:50 +0900] "POST /rad/account HTTP/1.1" 200 ... 192.168.0.23 - - [11/May/2021:18:35:50 +0900] "GET /header/postsys HTTP/1.1... 192.168.0.11 - - [11/May/2021:18:35:50 +0900] "GET /header/post HTTP/1.... LYSH@MyHostName# show log -o LOG/imrad/access.log.2.gz -f post 192.168.0.23 - - [11/May/2021:16:11:50 +0900] "POST /rad/account HTTP/1.1" 200 ...
Configuration
loghost
It is the configuration for Syslog to log remotely. We term such remote log server "loghost".If there is the same "loghost", it overwrites to the new one.
LYSH@MyHostName# configure LYSH@MyHostName(config)# loghost add -h usage: loghost add [-h] <A.B.C.D|WORD> [<[1-65535]>] [<[WORD]>]
To send all logs to the remote server whose address is 192.168.0.100 and port is the default Syslog port(514).
LYSH@MyHostName(config)# loghost add 192.168.0.100
To send all logs to the remote server whose address is 192.168.0.100 and port is 1000.
LYSH@MyHostName(config)# loghost add 192.168.0.100 1000
To send logs whose level is greater than or equal to "notice" to the remote server whose address is 192.168.0.100 and port is 1000.
LYSH@MyHostName(config)# loghost add 192.168.0.100 1000 notice
To verify loghost, enter the show loghost
in the user mode.
LYSH@MyHostName# show loghost *.notice @192.168.0.100:1000
rotate
It configures the logroate[1] that allows automatic rotation, compression, and removal of log files.
You can configure it by entering log roate {size} {roate}
command in the configuration mode. In this command, it needs two arguments that are
- size: With this, the log file is rotated when the specified size is reached. Size may be specified in bytes, kilobytes (sizeK), megabytes (sizeM), or gigabytes (sizeG)
- rotate: This specifies the number of times to rotate a file before it is deleted. For example, A count of 5 means five copies are retained.[2]
To verify current configuration, enter the show system rotate
command in the user mode.
LYSH@MyHostName# configure LYSH@MyHostName(config)# log roate 1G 3 LYSH@MyHostName(config)# exit LYSH@MyHostName# show system rotate log rotate : size:1G rotate:3
sort
You can specify the order of logs display. This configuration affects when if you execute the show log
command without -w option. you can verify current setting by executing show system logsort
. If the sort is "desc," it shows logs in descending order. If the sort is "asc", it shows logs in ascending order.
LYSH@MyHostName# show system logsort logsort : desc // logs are shown in descending order.
You can change the order in the configuration mode.
LYSH@MyHostName# configure LYSH@MyHostName(config)# log sort asc LYSH@MyHostName(config)# exit LYSH@MyHostName# show system logsort logsort : asc // logs are shown in descending order.