</pre><pre name="code" class="plain">Oct 18 07:07:34 localhost dbus[776]: [system] Activating service name='org.freedesktop.problems' (using servicehelper) Oct 18 07:07:34 localhost dbus-daemon: dbus[776]: [system] Activating service name='org.freedesktop.problems' (using servicehelper) Oct 18 07:07:34 localhost dbus[776]: [system] Successfully activated service 'org.freedesktop.problems' Oct 18 07:07:34 localhost dbus-daemon: dbus[776]: [system] Successfully activated service 'org.freedesktop.problems' Oct 18 07:10:01 localhost systemd: Started Session 9 of user root. Oct 18 07:10:01 localhost systemd: Starting Session 9 of user root. Oct 18 07:10:24 localhost dbus[776]: [system] Activating service name='org.freedesktop.problems' (using servicehelper)
4)/var/log/boot.log //记录启动信息
rsyslog 负责采集日志和分类
配置文件:vim /etc/rsyslog.conf
在配置文件的rules部分,我们可以对日志文件,采集格式等进行配置
#### RULES #### # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none;cron.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* -/var/log/maillog # Log cron stuff cron.* /var/log/cron # Everybody gets emergency messages *.emerg :omusrmsg:*
$template WESTOS,"%timegenerated% %FROMHOST-IP% %syslogtag% %msg%\n" $ActionfileDefaultTemplate WESTOS #### RULES #### # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none;cron.none /var/log/messages;<WESTOS # The authpriv file has restricted access. authpriv.* /var/log/secure
>/var/log/messages //清空日志文件
logger test message //发送测试信息
$UDPServerRun 514
# Provides UDP syslog reception $ModLoad imudp //使用udp协议接受 $UDPServerRun 514 //开放udp端口514
>/var/log/messages //发送,接受都要清空日志文件
logger test message //发送测试信息
来测试是否成功