|
export system log
I know there is /var/log/messages for looging the system error , as we have many servers , and some data in the log is duplicated , it seems time consuming to check regularly , is there any way to extract the important error from the log rather than check it frequently ?
thanks |
logwatch
or tail & grep etc. or multitail depends what you want... |
Probably I misunderstood, but you will never be sure what will be logged, so you cannot filter important messages before they arrived. Most of those messages will only important in case of a trouble. If you have a lot of annoying messages you may try to lower the log levels of specific applications/daemons.
|
Well, if you're as worn out as I am from visiting 25 machines to grep|awk|sed|tail all the logs, you could implement an Elasticsearch+Logstash+Kibana (ELK) solution and just read them all in one place.
I forward only key files to a central server using rsyslog and use ELK to 'read' them on that same host. How To Use Logstash and Kibana To Centralize Logs On Ubuntu 14.04 or How To Use Logstash and Kibana To Centralize Logs On CentOS 7 or How To Use Logstash and Kibana To Centralize Logs On CentOS 6 logstash.net http://www.elasticsearch.org/ http://www.elasticsearch.org/overview/kibana/ http://www.rsyslog.com/ Now, I suppose "important" is left to interpretation. |
thanks reply ,
there are many methods , I think I can't try all of these , would advise which one is the most common method ? thanks |
| All times are GMT -5. The time now is 11:37 PM. |