Updated some formatting and added a log checker page
This commit is contained in:
parent
bee36a5296
commit
c566f3b637
@ -1,8 +1,6 @@
|
|||||||
# Basics
|
# Basics
|
||||||
|
|
||||||
|
Basics of how the linux shell can be used to interact with programs
|
||||||
Basics of the Linux Shell
|
|
||||||
|
|
||||||
|
|
||||||
## Streams
|
## Streams
|
||||||
|
|
||||||
@ -17,7 +15,7 @@ STREAM ID STREAM NAME STREAM USE
|
|||||||
2 STDERR Used to receive errors from the program
|
2 STDERR Used to receive errors from the program
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Standard Input
|
### Standard Input
|
||||||
|
|
||||||
Standard input is how we send input to an program it is also how we interact with the command line shell (Usually [`bash`](/Linux/bash.md))
|
Standard input is how we send input to an program it is also how we interact with the command line shell (Usually [`bash`](/Linux/bash.md))
|
||||||
|
|
||||||
@ -27,15 +25,15 @@ The STDIN stream can also be refrenced by the '-' char in a command line program
|
|||||||
|
|
||||||
One thing that makes the linux command line so powerfull is the suite of commands that is provided all work using STDIN, STDOUT and STDERR you can pipe information from one stream to another (i.e the STDOUT from one program can be in STDIN to another)
|
One thing that makes the linux command line so powerfull is the suite of commands that is provided all work using STDIN, STDOUT and STDERR you can pipe information from one stream to another (i.e the STDOUT from one program can be in STDIN to another)
|
||||||
|
|
||||||
### Input Redirection
|
#### Input Redirection
|
||||||
|
|
||||||
You can use redirection to send information to a program using the '<' symbol i.e `cat < file` this will push the contents of 'file' to cat using STDIN
|
You can use redirection to send information to a program using the '<' symbol i.e `cat < file` this will push the contents of 'file' to cat using STDIN
|
||||||
|
|
||||||
#### Standard Output
|
### Standard Output
|
||||||
|
|
||||||
Standard output is how we get the output from a program, usually this is printed directly to the terminal
|
Standard output is how we get the output from a program, usually this is printed directly to the terminal
|
||||||
|
|
||||||
### Output Redirection
|
#### Output Redirection
|
||||||
|
|
||||||
You can redirect the STDOUT of a program is a few ways you can use the '>' symbol to push the information from the programs output and saves it in a file for example `ls > filelist` will take the output of ls and saves it in the filelist file
|
You can redirect the STDOUT of a program is a few ways you can use the '>' symbol to push the information from the programs output and saves it in a file for example `ls > filelist` will take the output of ls and saves it in the filelist file
|
||||||
|
|
||||||
@ -43,18 +41,18 @@ You can also redirect the STDOUT of one program to another programs STDIN using
|
|||||||
|
|
||||||
For example you can use `ls -alh | grep filename` this will list the files in the current directory and then passes the STDOUT to the STDIN for grep, this causes grep to use the output of ls as the input data to work with so the output of ls is searched for the string 'filename'
|
For example you can use `ls -alh | grep filename` this will list the files in the current directory and then passes the STDOUT to the STDIN for grep, this causes grep to use the output of ls as the input data to work with so the output of ls is searched for the string 'filename'
|
||||||
|
|
||||||
#### Standard Error
|
### Standard Error
|
||||||
|
|
||||||
Standard error is how error messages are sent between programs or displayed to the user
|
Standard error is how error messages are sent between programs or displayed to the user
|
||||||
|
|
||||||
As this is a different to STDOUT you will still get output to the terminal if you redirect using the '>' symbol
|
As this is a different to STDOUT you will still get output to the terminal if you redirect using the '>' symbol
|
||||||
|
|
||||||
### Error Redirection
|
#### Error Redirection
|
||||||
|
|
||||||
Errors can be redirected using the following '2>' this specifies the stream to redirect and the direction
|
Errors can be redirected using the following '2>' this specifies the stream to redirect and the direction
|
||||||
|
|
||||||
For example you can redirect errors of an program to an error log file using '2> error.log' so a command that uses this would look like `find / -name "filename" 2> errors.log` this would make an error.log in the directory you are in and save the errors in a log and show the results from STDOUT on the screen (In this example the errors that you would see are `Permission Denied` errors)
|
For example you can redirect errors of an program to an error log file using '2> error.log' so a command that uses this would look like `find / -name "filename" 2> errors.log` this would make an error.log in the directory you are in and save the errors in a log and show the results from STDOUT on the screen (In this example the errors that you would see are `Permission Denied` errors)
|
||||||
|
|
||||||
#### More redirection tips
|
### More redirection tips
|
||||||
|
|
||||||
You can do quite a bit with piping and redirection, using these basics you will be able to do quite a bit in the bash shell I have created some examples both to show how programs can work together and provide some real world examples on what it can be used for [here](/examples/redirection)
|
You can do quite a bit with piping and redirection, using these basics you will be able to do quite a bit in the bash shell I have created some examples both to show how programs can work together and provide some real world examples on what it can be used for [here](/examples/redirection)
|
||||||
|
|||||||
30
docs/Troubleshooting/checkinglogs.md
Normal file
30
docs/Troubleshooting/checkinglogs.md
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
# Checking log files
|
||||||
|
|
||||||
|
The best way to see what a program is doing is to see what is in the logs for the particular program, by defaul logs are in the `/var/log` directory but they can also be in others as well
|
||||||
|
|
||||||
|
## Common log locations
|
||||||
|
|
||||||
|
| Service | Log location | What is logged |
|
||||||
|
|---------|--------------|----------------|
|
||||||
|
| Apache | /usr/local/apache/logs/error_log | Errors reported by Apache/PHP |
|
||||||
|
| Apache | /usr/local/apache/logs/stderr.log | Errors that are returned from STDERR |
|
||||||
|
| Exim | /var/log/mainlog | All connections and transactions for emails on the server |
|
||||||
|
| Dovecot | /var/log/maillog | All connections for incoming mail connections |
|
||||||
|
| lfd | /var/log/lfd.log | All firewall blocksk will be reported here along with the reason |
|
||||||
|
| ModSec | /usr/local/apache/modsec_audit.log | Any hits for the ModSec system will be logged here with the IP the rule and the data that triggered the rule |
|
||||||
|
|
||||||
|
## Reading logs
|
||||||
|
|
||||||
|
You can read the log files using command line programs like `cat` and `less`, cat will just print the file to the terminal where less will open the file up in a [pager](/Commands/pagers), this allows for things like searching without closing the logs
|
||||||
|
|
||||||
|
You can open a log with something like `less /var/log/mainlog` this will allow you to read over the log and search for the information that you wanted
|
||||||
|
|
||||||
|
You can also use `grep` to filter the logs for the information that you are looking for see [Grep Examples](/Examples/grep) for some more information on doing this
|
||||||
|
|
||||||
|
If you wanted to watch the logs live as you are testing something you can use the `tail -f` command to watch the log in real time
|
||||||
|
|
||||||
|
## Reading Archived logs
|
||||||
|
|
||||||
|
The Archived logs will usually be in a compressed gzip format with the date code and the .gz extenstion.
|
||||||
|
|
||||||
|
You can read these logs by either uncompressing them using `gzip -d` or you can use some handy versions of commands like `cat` and `grep` that are built to work with compression, these are `zcat` and `zgrep`
|
||||||
@ -14,10 +14,10 @@ In these situations we will usually see a high connection count for certain serv
|
|||||||
* POP3 (Incoming Email Service)
|
* POP3 (Incoming Email Service)
|
||||||
* FTP (File Transport Service)
|
* FTP (File Transport Service)
|
||||||
|
|
||||||
##HTTP
|
## HTTP
|
||||||
|
|
||||||
Finding IP addresses connecting to HTTP is quite easy, all you should need to do is tail access logs to find the IP addresses
|
Finding IP addresses connecting to HTTP is quite easy, all you should need to do is tail access logs to find the IP addresses
|
||||||
|
|
||||||
You can use a command like `tail -f /home/*/access-logs/* | awk '{print $1}'` to get a live update on connections via HTTP/HTTPS on the server. [For more information on the commands used click here](/Commands/commands.md) *__Note: This will only check sites in /home__*
|
You can use a command like `tail -f /home/*/access-logs/* | awk '{print $1}'` to get a live update on connections via HTTP/HTTPS on the server. [For more information on the commands used click here](/Commands/commands.md) *__Note: This will only check sites in /home__*
|
||||||
|
|
||||||
##SMTP
|
## SMTP
|
||||||
@ -12,6 +12,13 @@ This is a compendium of all the useless facts, tips, tricks and commands that I
|
|||||||
|
|
||||||
------------------------------------
|
------------------------------------
|
||||||
|
|
||||||
[Linux Shell Basics](/Linux/shellbasics)
|
- Linux
|
||||||
|
- [Linux Shell Basics](/Linux/shellbasics)
|
||||||
|
- [Scripting](/Linux/scripting)
|
||||||
|
|
||||||
[Commands](/Commands/commands)
|
[Commands](/Commands/commands)
|
||||||
|
|
||||||
|
- Troubleshooting
|
||||||
|
- [Common DNS Issues](/Troubleshooting/dns)
|
||||||
|
- [Server Connections](/Troubleshooting/connections)
|
||||||
|
- [Checking logs](/Troubleshooting/checkinglogs)
|
||||||
Loading…
x
Reference in New Issue
Block a user