Vous êtes ici : Formations en Ligne Gratuites » Catalogue » workbooks » Red Hat » RH124 - Course Overview » RH12411 - Log Management

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

--- elearning:workbooks:redhat:rh124en:l110 [2024/11/13 10:16] – admin
+++ elearning:workbooks:redhat:rh124en:l110 [2024/11/28 08:57] (Version actuelle) – admin
@@ Ligne 1: / Ligne 1: @@
-~~PDF:PAYSAGE~~
+~~PDF:LANDSCAPE~~
 Version : **2024.01**
@@ Ligne 7: / Ligne 7: @@
 ======RH12411 - Log Management======
-=====Module content=====
+=====Contents=====
-  * **RH12411 - Managing Logs**
+  * **RH12411 - Log Management**
+    * Contents
     * Overview
     * The dmesg Command
@@ Ligne 25: / Ligne 26: @@
           * The aureport Command
           * The ausearch Command
-          * The /var/log/messages File
+    * The /var/log/messages File
     * Applications
     * LAB #2 - rsyslog
@@ Ligne 1053: / Ligne 1054: @@
 </file>
-<WRAP centre round important 60%>
+<WRAP center round important 60%>
 **Important** : The two directives **module(load=‘imudp’)** and **input(type=‘imudp’ port=‘514’)** create a **Listener** on port UDP/514, while the two directives **module(load=‘imtcp’)** and **input(type=‘imtcp’ port=‘514’)** create a Listener on port TCP/514. Port 514 is the standard port for rsyslog Listeners. However, it is possible to change the port number.
 </WRAP>
@@ Ligne 1433: / Ligne 1434: @@
 <code>
-[root@redhat9 ~]# ls -l /var/log/journal/
-total 0
-drwxr-sr-x+ 2 root systemd-journal 53 Sep 28 15:39 5a35a3eb625c45cea1d33535723e791f
 [root@redhat9 ~]# journalctl
 Sep 28 15:36:59 redhat9.ittraining.loc kernel: Linux version 5.14.0-427.37.1.el9_4.x86_64 (mockbuild@x86-64-02.build.eng.rdu2.redhat.com) (gcc (GCC) 11.4.1 20231218 (Red Hat 11.4.1-3), GNU ld version 2.35.2-43>
@@ Ligne 1589: / Ligne 1587: @@
 <code>
-[root@redhat9 ~]# journalctl -b | more
+[root@redhat9 ~]# journalctl -p warning
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: Linux version 5.14.0-427.37.1.el9_4.x86_64 (mockbuild@x86-64-02.build.eng.rdu2.redhat.com) (gcc (GCC) 11.4.1 20231218 (Red Hat 11.4.1-3), GNU ld version 2.35.2-43.
+Sep 28 15:36:59 redhat9.ittraining.loc kernel:  #3
-el9) #1 SMP PREEMPT_DYNAMIC Fri Sep 13 12:41:50 EDT 2024
+Sep 28 15:36:59 redhat9.ittraining.loc kernel: acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended configuration space under this bridge
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: The list of certified hardware and cloud instances for Red Hat Enterprise Linux 9 can be viewed at the Red Hat Ecosystem Catalog, https://catalog.redhat.com.
+Sep 28 15:36:59 redhat9.ittraining.loc kernel: device-mapper: core: CONFIG_IMA_DISABLE_HTABLE is disabled. Duplicate IMA measurements will not be recorded in the IMA log.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: Command line: BOOT_IMAGE=(hd0,msdos1)/vmlinuz-5.14.0-427.37.1.el9_4.x86_64 root=/dev/mapper/rhel-root ro crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M resume=/dev/m
+Sep 28 15:37:00 redhat9.ittraining.loc systemd[1]: sys-module-fuse.device: Failed to enqueue SYSTEMD_WANTS= job, ignoring: Unit sys-fs-fuse-connections.mount not found.
-apper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet
+Sep 28 15:37:00 redhat9.ittraining.loc kernel: sd 0:0:0:0: Power-on or device reset occurred
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
+Sep 28 15:37:10 redhat9.ittraining.loc lvm[696]: PV /dev/sda2 online, VG rhel is complete.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
+Sep 28 15:37:12 redhat9.ittraining.loc avahi-daemon[752]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
+Sep 28 15:37:16 redhat9.ittraining.loc kernel: Warning: Unmaintained driver is detected: ip_set
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: x86/fpu: xstate_offset[2]:  576, xstate_sizes[2]:  256
+Sep 28 15:37:20 redhat9.ittraining.loc kernel: block dm-0: the capability attribute has been deprecated.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'standard' format.
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: Cannot change IRQ 28 affinity: Input/output error
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: signal: max sigframe size: 1776
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: IRQ 28 affinity is now unmanaged
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-provided physical RAM map:
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: Cannot change IRQ 30 affinity: Input/output error
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: IRQ 30 affinity is now unmanaged
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: Cannot change IRQ 29 affinity: Input/output error
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: IRQ 29 affinity is now unmanaged
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x0000000000100000-0x00000000bffd9fff] usable
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: Cannot change IRQ 0 affinity: Input/output error
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x00000000bffda000-0x00000000bfffffff] reserved
+Sep 28 15:37:23 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: IRQ 0 affinity is now unmanaged
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
+Sep 28 15:37:23 redhat9.ittraining.loc org.gnome.Shell.desktop[1802]: pci id for fd 13: 1234:1111, driver (null)
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
+Sep 28 15:37:23 redhat9.ittraining.loc org.gnome.Shell.desktop[1802]: MESA-LOADER: failed to open bochs-drm: /usr/lib64/dri/bochs-drm_dri.so: cannot open shared object file: No such file or directory (search p>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: BIOS-e820: [mem 0x0000000100000000-0x000000023fffffff] usable
+Sep 28 15:37:25 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.a11y.Bus' requested by ':1.4' (uid=42 pid=1802 comm="/us>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: NX (Execute Disable) protection: active
+Sep 28 15:37:25 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Successfully activated service 'org.a11y.Bus'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: SMBIOS 2.8 present.
+Sep 28 15:37:27 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.freedesktop.portal.IBus' requested by ':1.6' (uid=42 pid>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
+Sep 28 15:37:27 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Successfully activated service 'org.freedesktop.portal.IBus'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: Hypervisor detected: KVM
+Sep 28 15:37:27 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.freedesktop.impl.portal.PermissionStore' requested by ':>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: kvm-clock: Using msrs 4b564d01 and 4b564d00
+Sep 28 15:37:27 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Successfully activated service 'org.freedesktop.impl.portal.PermissionStore'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: kvm-clock: using sched offset of 269552729537899 cycles
+Sep 28 15:37:28 redhat9.ittraining.loc wireplumber[1859]: Failed to set scheduler settings: Operation not permitted
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
+Sep 28 15:37:28 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.gnome.Shell.Notifications' requested by ':1.3' (uid=42 p>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: tsc: Detected 2099.998 MHz processor
+Sep 28 15:37:28 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1825]: dbus-daemon[1825]: Activating service name='org.a11y.atspi.Registry' requested by ':1.0' (uid=42 pid=1802 comm="/usr/bin/gnome-she>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
+Sep 28 15:37:28 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1825]: dbus-daemon[1825]: Successfully activated service 'org.a11y.atspi.Registry'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: e820: remove [mem 0x000a0000-0x000fffff] usable
+Sep 28 15:37:28 redhat9.ittraining.loc wireplumber[1859]: GetManagedObjects() failed: org.freedesktop.DBus.Error.NameHasNoOwner
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: last_pfn = 0x240000 max_arch_pfn = 0x400000000
+Sep 28 15:37:28 redhat9.ittraining.loc gnome-shell[1802]: Realizing HW cursor failed: drmModeAddFB does not support format 'AR24' (0x34325241)
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: MTRR map: 4 entries (3 fixed + 1 variable; max 19), built from 8 variable MTRRs
+Sep 28 15:37:28 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.freedesktop.systemd1' requested by ':1.16' (uid=42 pid=1>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT
+Sep 28 15:37:28 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Successfully activated service 'org.gnome.Shell.Notifications'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: last_pfn = 0xbffda max_arch_pfn = 0x400000000
+Sep 28 15:37:28 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activated service 'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: found SMP MP-table at [mem 0x000f5bc0-0x000f5bcf]
+Sep 28 15:37:28 redhat9.ittraining.loc gsd-sharing[1908]: Failed to StopUnit service: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process org.freedesktop.systemd1 exited with status 1
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: Using GB pages for direct mapping
+Sep 28 15:37:28 redhat9.ittraining.loc gsd-sharing[1908]: Failed to StopUnit service: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process org.freedesktop.systemd1 exited with status 1
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: RAMDISK: [mem 0x3149c000-0x34a45fff]
+Sep 28 15:37:28 redhat9.ittraining.loc gsd-sharing[1908]: Failed to StopUnit service: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process org.freedesktop.systemd1 exited with status 1
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Early table checksum verification disabled
+Sep 28 15:37:28 redhat9.ittraining.loc org.gnome.Shell.desktop[1831]: Failed to initialize glamor, falling back to sw
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: RSDP 0x00000000000F5980 000014 (v00 BOCHS )
+Sep 28 15:37:28 redhat9.ittraining.loc gnome-shell[1802]: Realizing HW cursor failed: drmModeAddFB does not support format 'AR24' (0x34325241)
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: RSDT 0x00000000BFFE300C 000038 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
+Sep 28 15:37:29 redhat9.ittraining.loc dbus-broker[751]: A security policy denied :1.25 to send method call /org/freedesktop/PackageKit:org.freedesktop.DBus.Properties.GetAll to :1.33.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: FACP 0x00000000BFFE2DDE 000074 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
+Sep 28 15:37:29 redhat9.ittraining.loc dbus-broker[751]: A security policy denied :1.25 to send method call /org/freedesktop/PackageKit:org.freedesktop.DBus.Properties.GetAll to :1.33.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: DSDT 0x00000000BFFDF040 003D9E (v01 BOCHS  BXPC     00000001 BXPC 00000001)
+Sep 28 15:37:29 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.gnome.Shell.Screencast' requested by ':1.23' (uid=42 pid>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: FACS 0x00000000BFFDF000 000040
+Sep 28 15:37:30 redhat9.ittraining.loc gnome-shell[1802]: ATK Bridge is disabled but a11y has already been enabled.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: APIC 0x00000000BFFE2E52 000090 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
+Sep 28 15:37:30 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.freedesktop.portal.IBus' requested by ':1.33' (uid=42 pi>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: SSDT 0x00000000BFFE2EE2 0000CA (v01 BOCHS  VMGENID  00000001 BXPC 00000001)
+Sep 28 15:37:30 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Successfully activated service 'org.freedesktop.portal.IBus'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: HPET 0x00000000BFFE2FAC 000038 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
+Sep 28 15:37:30 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Activating service name='org.gnome.ScreenSaver' requested by ':1.25' (uid=42 pid=1928>
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: WAET 0x00000000BFFE2FE4 000028 (v01 BOCHS  BXPC     00000001 BXPC 00000001)
+Sep 28 15:37:30 redhat9.ittraining.loc gsd-media-keys[1923]: Failed to grab accelerator for keybinding settings:hibernate
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Reserving FACP table memory at [mem 0xbffe2dde-0xbffe2e51]
+Sep 28 15:37:30 redhat9.ittraining.loc gsd-media-keys[1923]: Failed to grab accelerator for keybinding settings:playback-repeat
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Reserving DSDT table memory at [mem 0xbffdf040-0xbffe2ddd]
+Sep 28 15:37:30 redhat9.ittraining.loc org.gnome.Shell.desktop[2153]: The XKEYBOARD keymap compiler (xkbcomp) reports:
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Reserving FACS table memory at [mem 0xbffdf000-0xbffdf03f]
+Sep 28 15:37:30 redhat9.ittraining.loc org.gnome.Shell.desktop[2153]: > Warning:          Unsupported maximum keycode 708, clipping.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Reserving APIC table memory at [mem 0xbffe2e52-0xbffe2ee1]
+Sep 28 15:37:30 redhat9.ittraining.loc org.gnome.Shell.desktop[2153]: >                   X11 cannot support keycodes above 255.
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Reserving SSDT table memory at [mem 0xbffe2ee2-0xbffe2fab]
+Sep 28 15:37:30 redhat9.ittraining.loc org.gnome.Shell.desktop[2153]: Errors from xkbcomp are not fatal to the X server
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Reserving HPET table memory at [mem 0xbffe2fac-0xbffe2fe3]
+Sep 28 15:37:30 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Successfully activated service 'org.gnome.ScreenSaver'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: ACPI: Reserving WAET table memory at [mem 0xbffe2fe4-0xbffe300b]
+Sep 28 15:37:30 redhat9.ittraining.loc /usr/libexec/gdm-wayland-session[1793]: dbus-daemon[1793]: [session uid=42 pid=1793] Successfully activated service 'org.gnome.Shell.Screencast'
-Sep 28 15:36:59 redhat9.ittraining.loc kernel: No NUMA configuration found
+Sep 28 15:39:43 redhat9.ittraining.loc /usr/sbin/irqbalance[754]: Cannot change IRQ 27 affinity: Input/output error
---More--
+lines 1-55
-[q]
 </code>
@@ Ligne 1796: / Ligne 1793: @@
 In the case of a network server, it is often important to keep the machine's time accurate in order to simplify synchronisation with laptops or external file systems. To accomplish this task, we use the services of public time servers available on the Internet, to which we synchronise our server clock. Similarly, the machines on our network can then synchronise with the time on our server.
-The protocol used is called **NTP **( **Network Time Protocol **) which uses port **123**. This allows synchronisation with several public servers. The root time servers are called **Strate 1** servers. Below them are Strate 2, Strate 3 and so on.
+The protocol used is called **NTP **( **Network Time Protocol **) which uses port **123**. This allows synchronisation with several public servers. The root time servers are called **Stratum 1** servers. Below them are Stratum 2, Stratum 3 and so on.
 <WRAP center round important>

Piste : • LCF504 - Gestion des Disques, des Systèmes de Fichiers et du Swap • CC200 - CloudStack • LRF404 - Balayage des Ports • LCF607 - Gestion de KVM et des VMs • Gestion des Serveurs DNS, NTP, FTP et DHCP • LCF511 - Gestion des Paramètres du matériel et les Ressources • LCF903 - Scripting Shell

Différences

Recherche

Imprimer/exporter

Menu