* Main messages in the system log;
/Listaa tärkeimmät viestit lokista (laita lokit näytölle ja aiheuta itse lokitapahtumia; tee selkeä kooste)
* Processes management (commands, process names and so on);
/Tarina prosessien hallinnasta (tee koneella; nimeä käskyt, prosessit jne)
* Draw some diagrams, displaying the processes (e.g., munin).
/Piirrä käyriä koneen tilasta (esim., munin)
System logs are mainly ordinary text files, which are in traditional system log directory /var/log. That’ll be our main working directory for now, and the most interesting logs in it would be auth.log and syslog.
located at /var/log/syslog, contains information on the whole Ubuntu system.
the autorization log, is a log file for tracking users’ login processes and sudo -command usage.
To see log files all you need is just a text viewer, even an editor would be an overkill. But you might probably prefer to use commands like less (shows a text file scren et a time), tail (presents end lines of a file) or head (outputs first lines of a file). And of course, grep -tool is a nice one to search for some specific information.
So here is the list of these terminal commands:
less, tail, head, grep, top;
a tool to view the final lines of a text file (here: log),
tail -F /var/log/auth
tail -5 /var/log/auth
tail -F /var/log/auth
tail -F /var/log/auth |grep username
a command to filter out lines with the spesified term (the seach term is put after the grep -command):
grep justas /var/log/auth.log
grep “session opened” /var/log/auth.log
System tool to see running processes and used resources:
Also more versatile commands like top, ps, pstree can be used:
a terminal command to see system running processes in real time, which gives an output like this:
When viewing this output, it’s easy to kill a certain process (if it’s consuming too much of CPU resources or memory): press ‘k’ and then give the process PID.
viewing running processes with their equivalent id’s (PID). To see all the running processes, type:
To kill a certain process user needs to know PID (process ID) and then has to run command like:
kill xxxx (PID number instead of xxxx)
To check if the process has been really killed, run one of these commands
If it’s still running, then forceful option must be added:
kill -9 xxxx (again, xxxx is the number of the process to be killed)
In-depth material on system log, administrator tools and terminal commands: