Este contenido no está disponible en el idioma seleccionado.
Chapter 25. Viewing and Managing Log Files
Log files are files that contain messages about the system, including the kernel, services, and applications running on it. There are different log files for different information. For example, there is a default system log file, a log file just for security messages, and a log file for cron tasks.
Log files can be very useful when trying to troubleshoot a problem with the system such as trying to load a kernel driver or when looking for unauthorized login attempts to the system. This chapter discusses where to find log files, how to view log files, and what to look for in log files.
Some log files are controlled by a daemon called
rsyslogd
. The rsyslogd
daemon is an enhanced replacement for previous sysklogd, and provides extended filtering, encryption protected relaying of messages, various configuration options, input and output modules, support for transportation via the TCP
or UDP
protocols. Note that rsyslog is compatible with sysklogd.
25.1. Installing rsyslog
Version 5 of rsyslog, provided in the rsyslog package, is installed by default in Red Hat Enterprise Linux 6. If required, to ensure that it is, issue the following command as
root
:
~]# yum install rsyslog
Loaded plugins: product-id, refresh-packagekit, subscription-manager
Package rsyslog-5.8.10-10.el6_6.i686 already installed and latest version
Nothing to do
25.1.1. Upgrading to rsyslog version 7
Version 7 of rsyslog, provided in the rsyslog7 package, is available in Red Hat Enterprise Linux 6. It provides a number of enhancements over version 5, in particular higher processing performance and support for more plug-ins. If required, to change to version 7, make use of the
yum shell
utility as described below.
Procedure 25.1. Upgrading to rsyslog 7
To upgrade from rsyslog version 5 to rsyslog version 7, it is necessary to install and remove the relevant packages simultaneously. This can be accomplished using the
yum shell
utility.
- Enter the following command as
root
to start the yum shell:~]#
The yum shell prompt appears.yum shell
Loaded plugins: product-id, refresh-packagekit, subscription-manager > - Enter the following commands to install the rsyslog7 package and remove the rsyslog package.
>
install rsyslog7
>remove rsyslog
- Enter
run
to start the process:>
run
--> Running transaction check ---> Package rsyslog.i686 0:5.8.10-10.el6_6 will be erased ---> Package rsyslog7.i686 0:7.4.10-3.el6_6 will be installed --> Finished Dependency Resolution ============================================================================ Package Arch Version Repository Size ============================================================================ Installing: rsyslog7 i686 7.4.10-3.el6_6 rhel-6-workstation-rpms 1.3 M Removing: rsyslog i686 5.8.10-10.el6_6 @rhel-6-workstation-rpms 2.1 M Transaction Summary ============================================================================ Install 1 Package Remove 1 Package Total download size: 1.3 M Is this ok [y/d/N]:y
- Enter
y
when prompted to start the upgrade. - When the upgrade is completed, the
yum shell
prompt is displayed. Enterquit
orexit
to exit the shell:Finished Transaction >
quit
Leaving Shell ~]#
For information on using the new syntax provided by rsyslog version 7, see Section 25.4, “Using the New Configuration Format”.