1、在服務器上修改配置文件
[root@ServerB var]# vim/etc/sysconfig/syslog
# Options to syslogd
# -m 0 disables 'MARK' messages. 禁用“標記”的消息
# -r enables logging from remote machines 接收遠程主機消息
# -x disables DNS lookups on messagesrecieved with –r 禁用DNS查找信息接收與
# See syslogd(8) for more details
SYSLOGD_OPTIONS="-m 0 -r"
# Options to klogd
# -2 prints all kernel oops messages twice;once for klogd to decode, and
# once for processing with 'ksymoops'
# -x disables all klogd processing of oopsmessages entirely
# See klogd(8) for more details
KLOGD_OPTIONS="-x"
#
SYSLOG_UMASK=077
# set this to a umask value to use for alllog files as in umask(1).
# By default, all permissions are removedfor "group" and "other".
[root@ServerB var]# service syslog start 重新啓動服務
啓動系統日誌記錄器:
啓動內核日誌記錄器:
[root@ServerB var]#
2、編輯客戶機的配置文件
[root@ServerA ~]# vim /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level infoor higher.
# Don't log private authenticationmessages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
/其中*是通配符,代表任何設備;none表示不對任何級別的信息進行記錄。
# The authpriv file has restricted access.
authpriv.* /var/log/secure
//將authpirv設備的任何級別的信息記錄到/var/log/secure文件中,這主要是一些和認、權限使用相關的信息。
# Log all the mail messages in one place.
mail.* -/var/log/maillog
//將mail設備中的任何級別的信息記錄到/var/log/maillog文件中,這主要是和電子郵件相關的信息
# Log cron stuff
cron.* /var/log/cron
cron.* @192.168.1.2指定存放日誌的位置
//將cron設備中的任何級別的信息記錄到/var/log/cron文件中,這主要是和系統中定期執行的任務相關的信息。
# Everybody gets emergency messages
*.emerg *
//將任何設備的emerg級別的信息發送給所有正在系統上的用戶。
# Save news errors of level crit and higherin a special file.
uucp,news.crit /var/log/spooler
//將uucp和news設備的crit級別的信息記錄到/var/log/spooler文件中。
# Save boot messages also to boot.log
local7.* /var/log/boot.log
//將和系統啓動相關的信息記錄到/var/log/boot.log文件中。
3、在服務器上時間查看計劃任務日誌
[root@ServerB var]# tail -f /var/log/cron
4、重啓客戶端日誌服務器
[root@ServerA~]# /etc/init.d/syslog restart
關閉內核日誌記錄器: [確定]
關閉系統日誌記錄器: [確定]
啓動系統日誌記錄器: [確定]
啓動內核日誌記錄器: [確定]
[root@ServerA ~]#
5、日誌服務器日誌產生
[root@ServerB var]# tail -f /var/log/cron
Nov 2 12:01:02 ServerB crond[3696]: (root) CMD (run-parts /etc/cron.hourly)
Nov 2 12:34:15 ServerB anacron[3436]: Job `cron.daily' started
Nov 2 12:34:33 ServerB anacron[3436]: Job `cron.daily' terminated
Nov 2 12:34:33 ServerB anacron[3436]: Normal exit (1 jobs run)
Nov 2 13:01:01 ServerB crond[4023]: (root) CMD (run-parts /etc/cron.hourly)
Nov 2 14:01:01 ServerB crond[4156]: (root) CMD (run-parts /etc/cron.hourly)
Nov 2 15:01:01 ServerB crond[4442]: (root) CMD (run-parts /etc/cron.hourly)
Nov 2 16:01:01 ServerB crond[4625]: (root) CMD (run-parts /etc/cron.hourly)
Nov 2 17:01:01 ServerB crond[4787]: (root) CMD (run-parts /etc/cron.hourly)
Nov 2 18:01:01 ServerB crond[4926]: (root) CMD (run-parts /etc/cron.hourly)