Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- systemd_journalctl [02/03/2023 - 12:05] – thommie4
+++ systemd_journalctl [17/08/2024 - 07:06] (aktuell) – Externe Bearbeitung 127.0.0.1
@@ Zeile 7: / Zeile 7: @@
 Alle services listen
 <code>
 systemctl list-units --type=service
 </code>
@@ Zeile 16: / Zeile 17: @@
 <code>
 systemctl list-units --type=service --state=active
 </code>
 oder Gesamtüberblick über alle, die gerade laufen
 <code>
 # systemctl list-units --type=service --state=running
 OR
 # systemctl --type=service --state=running
 </code>
 ===== netstat =====
 Welche Ports werden benutzt?
 <code>
 root@radius01:~# netstat -ltup | grep radius
 udp        0      0 0.0.0.0:53441           0.0.0.0:*                           554/freeradius
 udp        0      0 0.0.0.0:18120           0.0.0.0:*                           554/freeradius
 udp        0      0 0.0.0.0:radius          0.0.0.0:*                           554/freeradius
 udp        0      0 0.0.0.0:radius-acct     0.0.0.0:*                           554/freeradius
 udp6       0      0 [::]:radius             [::]:*                              554/freeradius
 udp6       0      0 [::]:radius-acct        [::]:*                              554/freeradius
 udp6       0      0 [::]:42906              [::]:*                              554/freeradius
 </code>
-====== Logging mit Journalctl ======
+===== Journalctl =====
 Siehe [[https://www.freedesktop.org/software/systemd/man/systemd-analyze.html|https://www.freedesktop.org/software/systemd/man/systemd-analyze.html]]
@@ Zeile 55: / Zeile 59: @@
 Auswählen eines bestimmten Bootvorgangs
-Some of the most compelling advantages of systemd are those involved with process and system logging. When using other tools, logs are usually dispersed throughout the system, handled by different daemons and processes, and can be fairly difficult to interpret when they span multiple applications. Systemd attempts to address these issues by providing a centralized management solution for logging all kernel and userland processes. The system that collects and manages these logs is known as the journal.
+Basic Log Viewing
-The journal is implemented with the journald daemon, which handles all of the messages produced by the kernel, initrd, services, etc. In this guide, we will discuss how to use the journalctl utility, which can be used to access and manipulate the data held within the journal. General Idea
+Auflisten der Logs **vor** dem letzten Bootvorgang
+<code>
+''journalctl -b -1''
-One of the impetuses behind the systemd journal is to centralize the management of logs regardless of where the messages are originating. Since much of the boot process and service management is handled by the systemd process, it makes sense to standardize the way that logs are collected and accessed. The journald daemon collects data from all available sources and stores them in a binary format for easy and dynamic manipulation.
+</code>
+Dasselbe, aber gefiltert auf kernel logs
-This gives us a number of significant advantages. By interacting with the data using a single utility, administrators are able to dynamically display log data according to their needs. This can be as simple as viewing the boot data from three boots ago, or combining the log entries sequentially from two related services to debug a communication issue.
+<code>''journalctl -b -1 -k''
-Storing the log data in a binary format also means that the data can be displayed in arbitrary output formats depending on what you need at the moment. For instance, for daily log management you may be used to viewing the logs in the standard syslog format, but if you decide to graph service interruptions later on, you can output each entry as a JSON object to make it consumable to your graphing service. Since the data is not written to disk in plain text, no conversion is needed when you need a different on-demand format.
+</code>
+Mit "GG" wird das Ende des jeweiligen Logs erreicht, also die **letzten Zeilen vor dem Reboot**
-The systemd journal can either be used with an existing syslog implementation, or it can replace the syslog functionality, depending on your needs. While the systemd journal will cover most administrator's logging needs, it can also complement existing logging mechanisms. For instance, you may have a centralized syslog server that you use to compile data from multiple servers, but you also may wish to interleave the logs from multiple services on a single system with the systemd journal. You can do both of these by combining these technologies. Setting the System Time
+To see the logs that the journald daemon has collected, use the journalctl command. When used alone, every journal entry that is in the system will be displayed within a pager (usually less) for you to browse. The oldest entries will be up top:
-One of the benefits of using a binary journal for logging is the ability to view log records in UTC or local time at will. By default, systemd will display results in local time.
-Because of this, before we get started with the journal, we will make sure the timezone is set up correctly. The systemd suite actually comes with a tool called timedatectl that can help with this.
-First, see what timezones are available with the list-timezones option:
-''timedatectl list-timezones ''
-This will list the timezones available on your system. When you find the one that matches the location of your server, you can set it by using the set-timezone option:
-''sudo timedatectl set-timezone zone ''
-To ensure that your machine is using the correct time now, use the timedatectl command alone, or with the status option. The display will be the same:
-''timedatectl status '''' Local time: Thu 2015-02-05 14:08:06 EST Universal time: Thu 2015-02-05 19:08:06 UTC RTC time: Thu 2015-02-05 19:08:06 Time zone: America/New_York (EST, -0500) NTP enabled: no ''
-NTP synchronized: no RTC in local TZ: no
-''DST active: n/a ''
-The first line should display the correct time.
-===== Basic Log Viewing =====
-To see the logs that the journald daemon has collected, use the journalctl command.
-When used alone, every journal entry that is in the system will be displayed within a pager (usually less) for you to browse. The oldest entries will be up top:
 ''journalctl ''
@@ Zeile 457: / Zeile 437: @@
 [Unit] Wants=network-online.target After=network.target network-online.target That's for the unit file of your service and for systemd.