LOG

MySQL 5.7 log time display change (log_timestamps UTC)

01-02
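In MySQL 5.7 the way log times are recorded changed: log timestamps are now written in UTC, that is, Coordinated Universal Time, which does not match the local time we normally use. After initializing MySQL 5.7 this therefore needs to be adjusted, as described in this article. 1. Time format of the error log. Current environment [robin@ydq-mnt ~]$ more /etc/redhat-release CentOS Linux release 7.4.1708 (Core) [robin@ydq-mnt ~]$ mysql -V mysql Ver 14.14 Di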

23.6. rinetd.log

01-01
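top 50 IP Address # cat /var/log/rinetd.log | awk '{print $2}' | awk -F'.' '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -r -n | head -n 50 Original source: Netkiller series notes. Author: 陈景峯. Please contact the author before reposting, and be sure to credit the original source of the article, the author, and this notice.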

23.5. OpenSSH log /var/log/secure

01-01
Find the IP addresses that are maliciously brute-forcing passwords # cat /var/log/rinetd.log | awk '{print $2}' | awk -F'.' '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -r -n | head -n 50 List the IP addresses that have logged in successfully grep Accepted /var/log/secure | grep -oE "\b([0-9]{1,3}\.){3}[0

23.4. Mail

01-01
23.4.1. pflogsumm.pl - Produce Postfix MTA logfile summary # yum install -y postfix-perl-scripts pflogsumm `ls -rt /var/log/maillog*` pflogsumm -d today /var/log/maillog pflogsumm -d yesterday /var/log/maillog Send the statistics report by e-mail 0 5 * * * pflogsumm -d yesterd

23.3. Tomcat

01-01
Tomcat log monitoring mainly consists of analyzing the catalina.out file 23.3.1. Extract the log entries in the 0-3 o'clock range egrep '^2011-08-02 0[0-3].*' sale-debug.log 23.3.2. Monitoring Redis redis.clients.jedis.exceptions.JedisConnectionException: java.net.SocketTimeoutException: Read timed out Original source: Netkiller series notes. Author: 陈景峯

Chapter 23. Log Analysis

01-01
Contents 23.1. log 23.1.1. logwatch 23.1.2. logcheck : Analyzes log files and sends noticeable events as email 23.1.3. nulog 23.2. Web 23.2.1. Apache Log 23.2.1.1. Deleting logs 23.2.1.2. Crawler statistics 23.2.1.3. Browser statistics 23.2.1.4. IP statistics 23.2.1.5. Domain statistics 23.2.1.6. HTTP Status 23.

23.2. Web

01-01
23.2.1. Apache Log 1. Count how many IPs visited today: awk '{print $1}' log_file|sort|uniq|wc -l 2. Count how many times a given page was requested: grep "/index.php" log_file | wc -l 3. Count how many pages each IP requested: awk '{++S[$1]} END {for (a in S) print a,S[a]}' log_file 4. Sort the per-IP page counts in ascending order: awk '{++S[$1]} EN

Chapter 22. Beta

01-01
Contents 22.1. Installing Beta 22.1.1. Installing Beats 6.x 22.1.2. Installing Beats 5.x 22.2. filebeat 22.1. Installing Beta 22.1.1. Installing Beats 6.x curl -s https://raw.githubusercontent.com/oscm/shell/master/search/elastic/elastic-6.x.sh | bash curl -s https://raw.githubusercontent.com/os

21.4. logstash configuration options

01-01
21.4.1. input 21.4.1.1. Standard input and output root@netkiller ~ % /usr/share/logstash/bin/logstash -e "input {stdin{}} output {stdout{}}" Helloworld ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the c

21.3. Configuring the Broker (Redis)

01-01
21.3.1. indexer /etc/logstash/conf.d/indexer.conf input { redis { host => "127.0.0.1" port => "6379" key => "logstash:demo" data_type => "list" codec => "json" type => "logstash-redi

21.2. Basic use of the logstash command

01-01
21.2.1. -e run from the command line logstash -e "input {stdin{}} output {stdout{}}" /usr/share/logstash/bin/logstash -e 'input{file {path => "/etc/centos-release" start_position => "beginning"}} output { stdout {}}' 21.2.2. -f specify a configuration file /usr

Chapter 21. ElasticSearch + Logstash + Kibana

01-01
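Contents 21.1. Installation 21.1.1. 6.x 21.1.2. Installing ElasticSearch + Logstash + Kibana 21.1.2.1. Installing ElasticSearch 21.1.2.2. Installing Kibana 21.1.2.3. Installing Logstash 21.1.2.4. Upgrading from 5.x to 6.x 21.2. Basic use of the logstash command 21.2.1. -e run from the command line 21.2.2. -f specify a configuration file 21.2.3. -t: test whether the configuration file is correct, then exit. 21.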

12.2. mcelog - Decode kernel machine check log on x86 machines

01-01
$ sudo apt-get install mcelog Decode machine check ASCII output from kernel logs Options: --cpu CPU Set CPU type CPU to decode (see below for valid types) --cpumhz MHZ Set CPU Mhz to decode time (output unreliable, not needed on new kernels) --raw (w

Chapter 12. Hardware

01-01
Contents 12.1. temperature/voltage/fan 12.2. mcelog - Decode kernel machine check log on x86 machines 12.1. temperature/voltage/fan lm-sensors - utilities to read temperature/voltage/fan sensors $ sudo apt-get install lm-sensors $ sudo sensors-detect $ sen

8.3. log file

01-01
log file $ sudo vim /etc/default/varnishlog VARNISHLOG_ENABLED=1 $ sudo /etc/init.d/varnishlog start * Starting HTTP accelerator log deamon [ OK ] $ sudo vim /etc/default/varnishncsa VARNISHNCSA_ENABLED=1 $ sudo /etc/init.d/varnishncsa start * Starti

4.2. /etc/lighttpd/lighttpd.conf

01-01
4.2.1. max-worker / max-fds max-worker: I usually set this to the number of processors. max-fds: the maximum number of connections server.max-worker = 24 server.max-fds = 4096 4.2.2. accesslog.filename Rotate logs with cronolog #### accesslog module #accesslog.filename = "/www/logs/lighttpd.access.log" accesslog.file

1.7. FAQ

01-01
1.7.1. 405 Not Allowed? 1.7.1.1. 405 Not Allowed? 1.7.1.1. 405 Not Allowed? A POST to a static page returns a 405 Not Allowed error. # curl -d name=neo http://www.mydoamin.com/index.html <html> <head><title>405 Not Allowed</title></head> <body bgcol

5.8. grep, egrep, fgrep, rgrep - print lines matching a pattern

01-01
5.8.1. Remove blank lines $ cat file | grep '.' 5.8.2. -v, --invert-match grep -v "grep" [root@development ~]# ps ax | grep httpd 6284 ? Ss 0:10 /usr/local/httpd-2.2.14/bin/httpd -k start 8372 ? S 0:00 perl ./wrapper.pl -chdir -name httpd -class com.caucho.se

5.4. package / compress and decompress

01-01
5.4.1. tar - The GNU version of the tar archiving utility 5.4.1.1. tar examples tar tar -cvf foo.tar foo/ tar contents of folder foo in foo.tar tar -xvf foo.tar extract foo.tar 5.4.1.2. gunzip tar -zcvf foo.tar foo/ tar contents of folder foo in foo.

5.3. Directory and File System Related

01-01
5.3.1. dirname $ dirname /usr/bin/find /usr/bin 5.3.2. filename $ basename /usr/bin/find find 5.3.2.1. Strip the extension file=test.txt b=${file%.*} echo $b $ for file in *.JPG;do mv $file ${file%.*}.jpg;done 5.3.2.2. Get the extension file=test.txt b=${file##*.} echo $b 5.3.