Coming over from Debian to CentOS / RHEL was mostly a smooth / simialr transition - although one of the little differences that I encountered was that CentOS 7 uses journalctl for general application / service logging - rather opposed to debian where everything was written to /var/log/messages (which translates to /var/log/syslog in the RHEL world.)
The journalctl tool is actually pretty cool and provides some in-built filters to allow you to quickly find the information you need rather than grepping everything!
I have included a few examples below of how information can be extracted:
To look at logs for a specific service we could issue something like the following for cron jobs:
journalctl SYSLOG_IDENTIFIER=crond
or something like follows for identifying selinux problems:
journalctl SYSLOG_IDENTIFIER=setroubleshoot
We can also filter dependent on time:
journalctl SYSLOG_IDENTIFIER=setroubleshoot --since "17:00" --until "19:00"
or filter dependent on a specific priority (e.g. Emergency to Error)
journalctl --priority 1..4
0 comments:
Post a Comment