SUSE Linux Enterprise Desktop Administration Chapter 10 Monitor the Linux System and Control Processes and Services

Objectives
  • Objective 1—Gather Information on a SUSE Linux Enterprise Desktop 10 System
  • Objective 2—Use System Logging Services
  • Objective 3—Monitor Login Activity
  • Objective 4—View and Manage Processes
  • Objective 5—Schedule Jobs

Objective 1—Gather Information on a SUSE Linux Enterprise Desktop 10 System
  • In this objective, you are introduced to tools that help you discover information on your hardware and Linux systems:
      – Boot Log Information
      – Hardware Information (/proc/)
      – Hardware Information (Command-Line Utilities)
      – System and Process Information (Command-Line Utilities)
      – Monitor Hard Drive Space

Boot Log Information
  • Boot messages are written to the /var/log/boot.msg file
  • The dmesg command is used to view the current content of the kernel ring buffer
      – dmesg | less allows you to scroll up and down in the output
  • The output of dmesg shows messages generated during the initialization of the hardware by the kernel or kernel modules
      – The /var/log/boot.msg file contains additional information beyond what you can display with dmesg

Hardware Information (/proc/)
  • The /proc/ directory contains a lot of information on the running system
      – Including hardware information stored in the kernel memory space
  • The following are some of the filenames commonly used to generate information:
      – /proc/devices
      – /proc/cpuinfo
      – /proc/ioports
      – /proc/interrupts

Hardware Information (/proc/) (continued)
  • The following are some of the filenames commonly used to generate information: (continued)
      – /proc/dma
      – /proc/bus/pci/devices
      – /proc/scsi

Hardware Information (Command-Line Utilities)
  • You can use the following utilities from the command line to view information about the hardware on your Linux system:
      – hwinfo
      – hdparm
      – fdisk
      – lspci
      – siga (System Information Gathering)

System and Process Information (Command-Line Utilities)
  • uptime
      – Displays the current time, the length of time the system has been running, the number of users on the system, and the average number of jobs in the run queue over the last 1, 5, and 15 minutes
  • netstat
      – Displays which network ports are offering services and what connections are established
      – netstat options are shown in Table 10-1

System and Process Information (Command-Line Utilities) (continued)
Table 10-1 Options for the netstat command

System and Process Information (Command-Line Utilities) (continued)
  • uname
      – Displays the current kernel version

Monitor Hard Drive Space
  • The df command
      – Provides information on where hard drives and their partitions or other drives are mounted in the file system and how much space they occupy
  • The du command
      – Provides information on the space occupied by files and directories
  • As a graphical tool equivalent to df, you can use the GNOME System Monitor (Computer > More Applications > System > Devices)

Figure 10-1 The GNOME System Monitor

Exercise 10-1: Gather Information on Your SUSE Linux Enterprise Desktop 10
  • In this exercise, you get information on the computer you are using
  • Use several of the administration tools covered to gather the following information on your SUSE Linux Enterprise Desktop 10

Objective 2—Use System Logging Services
  • A Linux system has many logs that track various aspects of system operation
  • System logs in /var/log/ track system-level events
  • To use system logging services, you need to understand the following:
      – The Syslog Daemon syslog-ng
      – Important Log Files
      – Archive Log Files (logrotate)

The Syslog Daemon syslog-ng
  • The syslog daemon syslog-ng is used by many services to log system events
  • syslog-ng is the new-generation syslogd
  • The main advantage of syslog-ng over syslogd
      – Capability to filter messages not only based on facilities and priorities, but also based on the content of each message
  • The syslog daemon accepts messages from system services and other hosts
      – Logs them based on settings in the configuration files

The Syslog Daemon syslog-ng (continued)
  • The /etc/syslog-ng.conf file is generated by SuSEconfig from /etc/syslog-ng.conf.in
  • /etc/sysconfig/syslog file
      – Contains general parameters applicable to syslog-ng as well as syslogd
  • /etc/syslog-ng.conf.in
      – The template used to create /etc/syslog-ng/syslog-ng.conf

The Syslog Daemon syslog-ng (continued)
  • /etc/syslog-ng.conf
      – The configuration of syslog-ng consists of several parts that are combined to configure which information is logged where
      – Sources
      – Filters
      – Destinations
      – Log Paths
  • Facilities
      – Refer to the subsystem that provides the corresponding message

Table 10-3 Facilities used by syslog

The Syslog Daemon syslog-ng (continued)
  • Priorities
      – Give details about the urgency of the message
Table 10-4 Priorities used by syslog

The Syslog Daemon syslog-ng (continued)
  • Sources
      – Collections of source drivers that collect messages using a given method
      – Used to gather log messages
      – The general syntax is as follows:
            source identifier { src-driver(params); ... };

The Syslog Daemon syslog-ng (continued)
  • Filters
      – Boolean expressions that are applied to messages and are evaluated as either true or false
      – The general syntax is as follows:
            filter identifier { expression; };
      – The identifier has to be unique within the configuration and is used later to configure the actual logging

The Syslog Daemon syslog-ng (continued)
  • Destinations
      – Define where messages can be logged
      – The general syntax is as follows:
            destination <identifier> { destination-driver(params); ... };

The Syslog Daemon syslog-ng (continued)
  • Log Paths
      – The point where it all comes together
      – Define which messages are logged where, depending on source, filter, and destination
      – The general syntax is as follows:
            log { source(s1); source(s2); ... filter(f1); filter(f2); ... destination(d1); destination(d2); ... flags(flag1[, flag2...]); };
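
A log path only does what is intended when every source, filter and destination it names is defined, and when identifiers are unique. The shell function below checks a configuration for both conditions. It is an added example, not part of the original slides or of syslog-ng; the function names, the identifiers and the sample configuration (including /var/log/authfail) are constructed for illustration.

```shell
#!/bin/sh
# Added example: consistency check for the source / filter / destination /
# log structure described on the slides.

# Constructed sample configuration using the general syntax shown above.
sample_conf() {
cat <<'EOF'
source src { internal(); unix-dgram("/dev/log"); };
# content-based filter: facility AND message text
filter f_authfail { facility(auth, authpriv) and match("Failed password"); };
destination d_authfail { file("/var/log/authfail"); };
log {
    source(src);
    filter(f_authfail);
    destination(d_authfail);
};
EOF
}

# lint_syslog_ng_conf [FILE]   (reads standard input when no file is given)
# Prints one line per problem; exit status 0 = consistent, 1 = problems found.
# Assumption: "#" only starts comments and is not used inside quoted strings.
lint_syslog_ng_conf() {
    awk '
    # Record every kind(name) reference found on a line of a log path.
    function refs(line, kind,    re, name) {
        re = kind "[(][^)]*[)]"
        while (match(line, re)) {
            name = substr(line, RSTART + length(kind) + 1, RLENGTH - length(kind) - 2)
            gsub(/[ \t]/, "", name)
            used[kind " " name] = 1
            line = substr(line, RSTART + RLENGTH)
        }
    }
    { sub(/#.*/, "") }
    # Definitions: source NAME {, filter NAME {, destination NAME {
    /^[ \t]*(source|filter|destination)[ \t]+[^ \t{]+[ \t]*[{]/ {
        key = $1 " " $2
        sub(/[ \t]*[{].*/, "", key)
        if (key in defined) { print "duplicate " key; bad = 1 }
        defined[key] = 1
    }
    # Log paths may span several lines; track them until the closing brace.
    /^[ \t]*log[ \t]*[{]/ { inlog = 1 }
    inlog {
        refs($0, "source"); refs($0, "filter"); refs($0, "destination")
        if ($0 ~ /[}][ \t]*;/) inlog = 0
    }
    END {
        for (k in used)
            if (!(k in defined)) { print "undefined " k; bad = 1 }
        exit (bad ? 1 : 0)
    }' "$@"
}

sample_conf | lint_syslog_ng_conf && echo "sample configuration is consistent"
```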

Important Log Files
  • Most messages are written to the /var/log/messages file
  • /var/log/audit.log is the log file for AppArmor messages
  • Firewall messages are logged in /var/log/firewall
  • The best approach for reading the log files from the command line is to use the tail command
      – By using tail -n, you can specify the number of lines to display

Table 10-5 Log files stored in the /var/log/ directory

Archive Log Files (logrotate)
  • It is important to ensure that log files do not get too large
  • The size and age of log files are monitored automatically by the logrotate program (/usr/sbin/logrotate)
  • Can configure the settings in the files to indicate whether files should be compressed or deleted in regular intervals or when a specified size is reached
  • Can configure how many compressed versions of a log file are kept over a specified period of time

Archive Log Files (logrotate) (continued)
  • The configuration file of logrotate is /etc/logrotate.conf
Table 10-6 Options in the /etc/logrotate.conf file

Archive Log Files (logrotate) (continued)
  • Many RPM packages contain preconfigured files for evaluation by logrotate
      – These files are stored in /etc/logrotate.d/
  • Any settings in the logrotate.d files supersede the general settings in logrotate.conf
  • Must list the files that you want to be monitored in entries in the /etc/logrotate.conf file
  • The syslog and syslog-ng files in /etc/logrotate.d/
      – Contain settings for configuring how the log files written by syslog (syslogd or syslog-ng) will be treated

Archive Log Files (logrotate) (continued)
Table 10-6 Options in the /etc/logrotate.d/ files

Exercise 10-2: Manage System Logging
  • In this exercise, you practice configuring syslog-ng and logrotate

Objective 3—Monitor Login Activity
  • One of the most critical tasks you have as an administrator:
      – Make sure that you notice and act upon any suspicious activity on your system
  • To monitor login activity, use the following commands:
      – who
      – w
      – finger
      – lastlog

Objective 4—View and Manage Processes
  • To manage processes on your SUSE Linux Enterprise Desktop, you need to know the following:
      – Understand Process Definitions
      – Learn Jobs and Processes
      – Manage Foreground and Background Processes
      – View and Prioritize Processes
      – End a Process
      – Understand Services (Daemons)
      – Manage a Daemon Process

Understand Process Definitions
  • The following terms are used to describe Linux processes:
      – Program—A structured set of commands stored in an executable file on a Linux file system
      – Process—A program that is loaded into memory and executed by the CPU
      – User process—A process launched by a user that is started from a terminal or within the graphical environment
      – Daemon process—A system process that is not associated with a terminal or a graphical environment

Figure 10-2 Relationship between daemon processes and user processes

Understand Process Definitions (continued)
  • Properties of a process:
      – Process ID (PID)
      – Child process
      – Parent Process ID (PPID)

Understand Process Definitions (continued)
Figure 10-3 The relationship between parent and child process ID numbers

Learn Jobs and Processes
  • Job identifier (job ID)
      – A numeric value that identifies the running program uniquely within that shell
  • Each process is identified using a process ID (PID) that is unique across the entire system
  • All jobs have a PID, but not all processes have a usable job ID
  • PID 1 always belongs to the init process
  • When performing tasks such as changing the priority level of a running program, use the PID

Manage Foreground and Background Processes
  • Processes executed in the foreground
      – Started in a terminal window and run until the process is completed
  • Background process execution
      – Occurs when a process is started and the terminal window returns to a prompt before the process finishes executing
  • Existing processes can be switched from foreground to background execution

Manage Foreground and Background Processes (continued)
  • Commands in a shell can be started in the foreground or in the background
  • Continue running a stopped process in the background by entering bg
  • Appending an ampersand to a command starts the process in the background
  • Each process started from the shell is assigned a job ID by the job control of the shell
  • Switch a process to the foreground by entering fg job_ID

View and Prioritize Processes
  • ps
      – View running processes with the ps (process status) command
Table 10-8 Some commonly used options with ps

View and Prioritize Processes (continued)
Table 10-9 Some of the fields (columns) in the process list

View and Prioritize Processes (continued)
Table 10-10 Values for the STAT process state

View and Prioritize Processes (continued)
  • pstree
      – Displays a list of processes in the form of a tree structure
      – Gives you an overview of the hierarchy of a process
  • nice and renice
      – The nice command assigns a process a specific nice value that affects the calculation of the process priority
      – The lower the value of the nice level, the higher the priority of the process

View and Prioritize Processes (continued)
  • nice and renice (continued)
      – The nice level is used by the scheduler to determine how frequently to service a running process
      – Use the command renice to change the nice value of a running process
  • top
      – Allows you to watch processes continuously in a list that is updated in short intervals
          • Provides a real-time view of a running system
      – Can also be used to assign a new nice value to running processes or to end processes

Figure 10-4 The output of the top command

End a Process
  • kill and killall
      – The killall command kills all processes with an indicated command name
      – The kill command kills only the indicated process
  • GNOME System Monitor
      – Start the GNOME System Monitor utility (Computer > More Applications > GNOME System Monitor) to view and kill processes

End a Process (continued)
Table 10-13 The more commonly used kill signals

Figure 10-5 The GNOME System Monitor utility

End a Process (continued)
Table 10-14 Information displayed by default on the Process tab

Understand Services (Daemons)
  • A service is also called a daemon
      – Process or collection of processes that wait for an event to trigger an action on the part of the program
  • Network-based services create a listener on a TCP or UDP port when they are started
      – Listener waits for network traffic to appear on the designated port
      – When traffic is detected, the program processes the traffic as input and generates output that is sent back to the requester

Manage a Daemon Process
  • Daemons run in the background and are usually started when the system is booted
  • Daemons make a number of services available
      – Daemons are terminal-independent processes, and are indicated in the ps x TTY column by a ?
  • Two types of daemons are available:
      – Signal-controlled daemons
      – Interval-controlled daemons

Manage a Daemon Process (continued)
  • Each daemon has a corresponding script in /etc/init.d/
Table 10-15 Parameters used to control daemon scripts
  • Many scripts have a symbolic link in either the /usr/sbin/ directory or the /sbin/ directory
  • Find configuration files for daemons in the /etc/ directory or in its subdirectories

Manage a Daemon Process (continued)
  • Some important daemons:
      – cron—Starts other processes at specified times
      – cupsd—The printing daemon
      – sshd—Enables secure communication by way of insecure networks (secure shell)
      – syslog-ng—Logs system messages in the directory /var/log/

Exercise 10-3: Manage Linux Processes
  • In this exercise, start and stop processes and change their priorities
  • First, start and suspend xeyes, move it to the background and foreground, and stop it
  • Then, start xeyes and set the priority of the running program to a nice value of -5
  • Start a second xeyes with a nice value of 10

Objective 5—Schedule Jobs
  • Automate jobs in Linux by doing the following:
      – Schedule a Job (cron)
      – Run a Job One Time Only (at)

Schedule a Job (cron)
  • Schedule jobs to be carried out on a regular basis by using the cron service (/usr/sbin/cron)
  • The service runs as a daemon
      – Checks once a minute to see if jobs have been defined for the current time
  • A file that contains the list of jobs is called a crontab
      – A crontab exists for the entire system as well as for each user defined on the system
  • The /etc/sysconfig/cron file contains variables for the configuration of some scripts started by cron

Schedule a Job (cron) (continued)
  • System jobs
      – Control system jobs with the /etc/crontab file
Table 10-16 Directories containing system jobs that will be run by cron
      – Can add lines to /etc/crontab, but do not delete the lines added at installation
      – Information on the last time the jobs were run is kept in the /var/spool/cron/lastrun/ directory

Schedule a Job (cron) (continued)
  • User jobs
      – The jobs of individual users are stored in the /var/spool/cron/tabs/ directory
          • In files matching the usernames
      – Users create their own jobs using crontab
Table 10-17 Options for the crontab command

Schedule a Job (cron) (continued)
  • User jobs (continued)
      – Each line in a file defines a job
      – There are six fields in a line
Table 10-18 Fields in a crontab file
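
Since every user can hold a crontab in a file named after the account, reviewing what is scheduled means walking that directory and splitting each job line into its five time fields and the command. The function below does this; it is an added example, not part of the original slides. The function name, the sample users and the sample jobs are constructed, and treating "@" nicknames such as @reboot as a schedule is an assumption about the installed cron.

```shell
#!/bin/sh
# Added example: inventory of per-user cron jobs.
# list_user_cron_jobs [DIR] prints USER|SCHEDULE|COMMAND for every job line.
# DIR defaults to /var/spool/cron/tabs (reading it normally requires root).
list_user_cron_jobs() {
    dir=${1:-/var/spool/cron/tabs}
    for tab in "$dir"/*; do
        [ -f "$tab" ] || continue
        # The file name is the user name.
        awk -v user="${tab##*/}" '
            /^[ \t]*#/ { next }                               # comment
            /^[ \t]*$/ { next }                               # blank line
            /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }   # variable, e.g. MAILTO=
            /^[ \t]*@/ {                                      # nickname schedule
                cmd = $0
                sub(/^[ \t]*[^ \t]+[ \t]+/, "", cmd)
                printf "%s|%s|%s\n", user, $1, cmd
                next
            }
            # Five time fields plus a command are required.
            NF < 6 { printf "%s|MALFORMED|%s\n", user, $0; next }
            {
                sched = $1 " " $2 " " $3 " " $4 " " $5
                cmd = $0
                for (i = 1; i <= 5; i++)      # strip the five time fields
                    sub(/^[ \t]*[^ \t]+[ \t]+/, "", cmd)
                printf "%s|%s|%s\n", user, sched, cmd
            }' "$tab"
    done
}

# Constructed sample data in a temporary directory.
demo=$(mktemp -d)
cat > "$demo/geeko" <<'EOF'
# constructed sample crontab
MAILTO=""
* * * * * finger >> ~/users.log
0 12 * * 1-5 /home/geeko/bin/report.sh --quick
bad line
EOF
list_user_cron_jobs "$demo"
rm -rf "$demo"
```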

Run a Job One Time Only (at)
  • If you want to run a job one time only, use the at command
      – To use at, make sure the atd service is started (rcatd start)
  • Two files determine which users can run this command:
      – /etc/at.allow
      – /etc/at.deny
  • Can modify or create these text files

Run a Job One Time Only (at) (continued)
  • If the /etc/at.allow file exists, only this file is evaluated
      – If neither of these files exists, only the user root can define jobs with at
  • Example:
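
The evaluation order of the two access files can be written down as a small decision function, which also makes the permissive case visible: an at.deny file that exists but is empty lets every user schedule jobs. This is an added example, not the example from the original slide. The function names and sample user names are constructed, and the handling of a lone at.deny file (every user not listed is allowed) and of root (always allowed) follows the at manual page rather than the slides.

```shell
#!/bin/sh
# Added example: the at.allow / at.deny decision described on the slides.
# DIR defaults to /etc; pass another directory to test without touching /etc.

# at_policy [DIR] -> prints which rule is in effect
at_policy() {
    dir=${1:-/etc}
    if [ -f "$dir/at.allow" ]; then
        echo "allow-list"                # only at.allow is evaluated
    elif [ -f "$dir/at.deny" ]; then
        if [ -s "$dir/at.deny" ]; then
            echo "deny-list"
        else
            echo "deny-list-empty"       # every user may schedule jobs
        fi
    else
        echo "root-only"                 # neither file exists
    fi
}

# at_allowed USER [DIR] -> exit status 0 if USER may define at jobs
at_allowed() {
    user=$1
    dir=${2:-/etc}
    [ "$user" = root ] && return 0       # the superuser may always use at
    case $(at_policy "$dir") in
        allow-list)
            if grep -qxF -- "$user" "$dir/at.allow"; then return 0; fi
            return 1 ;;
        deny-list|deny-list-empty)
            if grep -qxF -- "$user" "$dir/at.deny"; then return 1; fi
            return 0 ;;
        *)
            return 1 ;;
    esac
}

# Constructed sample: both files present, so at.deny is ignored.
demo=$(mktemp -d)
printf 'guest\n' > "$demo/at.deny"
printf 'geeko\n' > "$demo/at.allow"
echo "policy: $(at_policy "$demo")"
for u in root geeko guest tux; do
    if at_allowed "$u" "$demo"; then echo "$u: allowed"; else echo "$u: denied"; fi
done
rm -rf "$demo"
```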

Exercise 10-4: Schedule Jobs with at and cron
  • In this exercise, schedule jobs with at and cron
  • First, redirect the output of finger to /var/log/messages three minutes from the current time
  • Then, schedule the same job for tomorrow at noon
  • Then, schedule a program to run tomorrow at 2:00 p.m., and afterwards remove the job
  • In the second part of the exercise, create a cron job as a normal user that logs the output of finger to ~/users.log every minute

Summary
  • To monitor the boot process, use YaST and view the output of the dmesg command
  • Most hardware information is available within text files under the /proc directory
  • General system information can be obtained using the uptime, netstat, and uname commands
  • The df command, du command, and GNOME System Monitor utility can be used to monitor disk usage
  • Most log files are stored in the /var/log directory and created by the Syslog daemon

Summary (continued)
  • The logrotate program is run daily to archive log files
  • Processes are programs that are executing on the system
  • Every process has a PID, a PPID, and can possibly start an unlimited number of child processes
      – Background processes have a job ID
  • View processes within a desktop environment using the GNOME System Monitor
  • kill, killall, and top commands can be used to stop processes

Summary (continued)
  • You can affect the priority of a process by changing its nice value
  • To change the nice value of a program, use the nice command
  • Daemon process names typically end with d and contain a ? in the TTY column of ps command output
  • Start daemons by running the appropriate script in the /etc/init.d directory
  • To schedule tasks to occur repetitively in the future, use the cron daemon and create a crontab