[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Solaris log files

To: Steve DeBord <debord@liebhardt.com>
Subject: Re: Solaris log files
From: Forrest Houston <fhouston@east.isi.edu>
Date: Sat, 20 Feb 1999 09:54:28 -0500 (Eastern Standard Time)
cc: sage-members@usenix.org
In-Reply-To: <36CDE90C.8AB002B0@netscape.com>
Sender: owner-sage-members@usenix.org

On Fri, 19 Feb 1999, Stefan Jang wrote:

> Steve DeBord wrote:
> 
> > Greetings Sage Members,
> >
> > Being the newly appointed Sysadmin for our Sun Ultra Enterprise system, I
> > was wondering if anyone has any suggestions regarding the logs that need
> > checked on a daily/weekly basis.  Our server is running Solaris 2.5.1.
> >
> > Suggestions?
> >
> 
> I think, /var/adm/messages is a good start...
> and then there are other log files located in /var/adm directory....
> 
> That's my 2 cents...
> 

One that took me awhile to find when I first started was the /var/cron/log
file.  This can be helpful if you use a lot of cron jobs.

Someone else already mentioned it, but I would 2nd the use of a program
like "swatch".  It can help you quickly weed through the file and find
what you are looking for.

What I've found is helpful is to setup a couple of cron jobs to process
the logs you are interested in (syslog, messages, http logs, etc).  Run it
through swatch, then "cat" the entire log, and pipe everything to a mail
message.  You should probably still spot check the logs periodically
especially if you think something may be wrong (wrt security or system
problems)....

IMHO
Forrest

References:
- Re: Solaris log files
  - From: Stefan Jang <stefan@netscape.com>

Prev by Date: Re: Solaris log files
Next by Date: Re: Solaris log files
Prev by thread: Re: Solaris log files
Next by thread: Re: Solaris log files
Index(es):
- Date
- Thread