Centos日志处理

今天检查系统日志发现有,日志中都是以下格式的日志:

公司主营业务:网站建设、成都网站建设、移动网站开发等业务。帮助企业客户真正实现互联网宣传,提高企业的竞争能力。创新互联建站是一支青春激扬、勤奋敬业、活力青春激扬、勤奋敬业、活力澎湃、和谐高效的团队。公司秉承以“开放、自由、严谨、自律”为核心的企业文化,感谢他们对我们的高要求,感谢他们从不同领域给我们带来的挑战,让我们激情的团队有机会用头脑与智慧不断的给客户带来惊喜。创新互联建站推出宣恩免费做网站回馈大家。

Apr 22 09:26:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=14006 duration=0(sec)

Apr 22 09:26:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=14316 duration=1(sec)

Apr 22 09:26:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=14323 duration=1(sec)

Apr 22 09:26:27 jsmapp4 xinetd[3158]: START: nrpe pid=15937 from=::ffff:192.168.1.60

Apr 22 09:26:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=15937 duration=0(sec)

Apr 22 09:27:19 jsmapp4 pptp[27991]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received.

Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7318 from=::ffff:192.168.1.60

Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7327 from=::ffff:192.168.1.60

Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7332 from=::ffff:192.168.1.60

Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7318 duration=0(sec)

Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7327 duration=0(sec)

Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7332 duration=0(sec)

Apr 22 09:27:26 jsmapp4 xinetd[3158]: START: nrpe pid=7652 from=::ffff:192.168.1.60

Apr 22 09:27:26 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=7652 duration=0(sec)

Apr 22 09:27:27 jsmapp4 xinetd[3158]: START: nrpe pid=8952 from=::ffff:192.168.1.60

Apr 22 09:27:27 jsmapp4 xinetd[3158]: EXIT: nrpe status=0 pid=8952 duration=0(sec)

 

通过分析以上日志发现:

xinetd是新一代的网络守护进程服务程序,又叫超级Internet服务器,常用来管理多种轻量级Internet服务。

这个进程来自于192.168.1.60这个ip,明显是内网ip,以前没有发现这个问题,奇怪。

去60这台服务器查看发现,有nagios警告的日志:

Apr 22 09:50:02 jsmbak1 nagios: Warning: The check of host 'jsmapp1' looks like it was orphaned (results never came back).  I'm scheduling an immediate check of the host...

Apr 22 09:50:24 jsmbak1 nagios: Warning: The check of service 'check_mem' on host 'jsmapp4' looks like it was orphaned (results never came back).  I'm scheduling an immediate check of the service...

Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'Current Load' on host 'Nagios-Server' looks like it was orphaned (results never came back).  I'm scheduling an immediate check of the service...

Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'SSH' on host 'Nagios-Server' looks like it was orphaned (results never came back).  I'm scheduling an immediate check of the service...

Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'Total Processes' on host 'Nagios-Server' looks like it was orphaned (results never came back).  I'm scheduling an immediate check of the service...

Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'HTTP' on host 'jsmapp2' looks like it was orphaned (results never came back).  I'm scheduling an immediate check of the service...

Apr 22 09:51:02 jsmbak1 nagios: Warning: The check of service 'HTTP' on host 'jsmapp3' looks like it was orphaned (results never came back).  I'm scheduling an immediate check of the service...

Apr 22 09:51:46 jsmbak1 xinetd[16796]: START: nrpe pid=17625 from=::ffff:127.0.0.1

Apr 22 09:51:46 jsmbak1 xinetd[16796]: EXIT: nrpe status=0 pid=17625 duration=0(sec)

Apr 22 09:52:50 jsmbak1 xinetd[16796]: START: nrpe pid=17890 from=::ffff:127.0.0.1

Apr 22 09:52:50 jsmbak1 xinetd[16796]: EXIT: nrpe status=0 pid=17890 duration=0(sec)

 

Nagios是一款开源的免费网络监视工具,能有效监控Windows、Linux和Unix的主机状态、交换机、路由器等网络设置,打印机等。

Nagios可以监控的功能有: 

1、监控网络服务(SMTP、POP3、HTTP、NNTP、PING等);

2、监控主机资源(处理器负荷、磁盘利用率等);

3、简单地插件设计使得用户可以方便地扩展自己服务的检测方法;

4、并行服务检查机制;

5、具备定义网络分层结构的能力,用"parent"主机定义来表达网络主机间的关系,这种关系可被用来发现和明晰主机宕机或不可达状态;

6、当服务或主机问题产生与解决时将告警发送给联系人(通过EMail、短信、用户定义方式);

7、具备定义事件句柄功能,它可以在主机或服务的事件发生时获取更多问题定位;

8、自动的日志回滚;

9、可以支持并实现对主机的冗余监控;

10、可选的WEB界面用于查看当前的网络状态、通知和故障历史、日志文件等;

 

查看nagios进程发现,有多个进程

[root@jsmbak1 ~]# ps -ef|grep "bin/nagios"

root      4913  4095  0 11:12 pts/2    00:00:00 grep bin/nagios

nagios    5146     1  0 Feb18 ?        01:12:40 /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg

nagios    5286     1  0 Feb19 ?        01:15:13 /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg

nagios    9767     1  0 Feb18 ?        01:13:52 /usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg

 

使用[nagios@jsmbak1 ~]$ killall nagios,杀掉所有nagios,然后重启

/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg

 

如果想停止nrpe服务在xinetd下的日志输出

修改配置文件,禁用成功状态下的日志

 

[root@jsmapp3 tomcat]# vi /etc/xinetd.conf

# Define general logging characteristics.

        log_type        = SYSLOG daemon info

        log_on_failure  = HOST

#       log_on_success  = PID HOST DURATION EXIT

 

重新服务xinetd后再次查看日志,不再出现nrpe相关日志

[root@jsmapp3 tomcat]# service xinetd restart

Stopping xinetd: [  OK  ]

Starting xinetd: [  OK  ]

网站名称:Centos日志处理
当前路径:https://www.cdcxhl.com/article30/ijogpo.html

成都网站建设公司_创新互联,为您提供建站公司网站导航全网营销推广网站设计公司网站改版域名注册

广告

声明:本网站发布的内容(图片、视频和文字)以用户投稿、用户转载内容为主,如果涉及侵权请尽快告知,我们将会在第一时间删除。文章观点不代表本网站立场,如需处理请联系客服。电话:028-86922220;邮箱:631063699@qq.com。内容未经允许不得转载,或转载时需注明来源: 创新互联

h5响应式网站建设