Petit - An Open Source Log Analysis Tool for Linux SysAdmins


Petit is a free and open source log analysis tool for Unix-like systems and Cygwin, designed to quickly analyze log files in enterprise environments.

It is intended to follow the Unix philosophy of being small, fast and easy to use, and it can examine different log file formats, including syslog and Apache log files.

  • Supports log analysis.
  • Auto-detects and supports many log file formats (for example Syslog, Apache Access, Apache Error, Snort Log, Linux Secure Log, and raw log files).
  • Supports log hashing.
  • Supports command-line graphing.
  • Supports word discovery and counting, with common stop-words, within log data.
  • Supports log reduction for easier reading.
  • Provides several default and specially made filters.
  • Supports fingerprinting, useful for identifying and excluding reboot signatures.
  • Offers various output options for wide-screen terminals, character selection and more.

In this tutorial, we will show you how to install and use the petit log analysis tool in Linux to extract useful information from system logs in several ways.

How to Install and Use the Petit Log Analysis Tool in Linux

Petit can be installed from the default repositories of Debian/Ubuntu and their derivatives, using the apt package management tool as shown below.

$ sudo apt install petit

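On RHEL/CentOS/Fedora systems, download and install the .rpm package like this. The download URL is plain HTTP, so the package is not protected in transit; check its integrity before installing it.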

# wget http://crunchtools.com/wp-content/files/petit/petit-current.rpm
# rpm -i petit-current.rpm

Once installed, it is time to look at the basic usage of Petit with examples.

Hashing is a fairly straightforward function: it summarizes the number of lines found in a log file. The output gives the number of similar lines found in the log and shows what each group looks like, as shown below.

# petit --hash /var/log/yum.log
OR
# petit --hash --fingerprint /var/log/messages
2:	Mar 18 14:35:54 Installed: libiec61883-1.2.0-4.el6.x86_64
2:	Mar 18 15:25:18 Installed: xorg-x11-drv-i740-1.3.4-11.el6.x86_64
1:	Dec 16 12:36:23 Installed: 5:mutt-1.5.20-7.20091214hg736b6a.el6.x86_64
1:	Dec 16 12:36:22 Installed: mailcap-2.1.31-2.el6.noarch
1:	Dec 16 12:40:49 Installed: mailx-12.4-8.el6_6.x86_64
1:	Dec 16 12:40:20 Installed: man-1.6f-32.el6.x86_64
1:	Dec 16 12:43:33 Installed: sysstat-9.0.4-31.el6.x86_64
1:	Dec 16 12:36:22 Installed: tokyocabinet-1.4.33-6.el6.x86_64
1:	Dec 16 12:36:22 Installed: urlview-0.9-7.el6.x86_64
1:	Dec 16 12:40:19 Installed: xz-4.999.9-0.5.beta.20091007git.el6.x86_64
1:	Dec 16 12:40:19 Installed: xz-lzma-compat-4.999.9-0.5.beta.20091007git.el6.x86_64
1:	Dec 16 12:43:31 Updated: 2:tar-1.23-15.el6_8.x86_64
1:	Dec 16 12:43:31 Updated: procps-3.2.8-36.el6.x86_64
1:	Feb 18 12:40:27 Erased: mysql
1:	Feb 18 12:40:28 Erased: mysql-libs
1:	Feb 18 12:40:22 Installed: MariaDB-client-10.1.21-1.el6.x86_64
1:	Feb 18 12:40:12 Installed: MariaDB-common-10.1.21-1.el6.x86_64
1:	Feb 18 12:40:10 Installed: MariaDB-compat-10.1.21-1.el6.x86_64
1:	Feb 18 12:54:50 Installed: apr-1.3.9-5.el6_2.x86_64
......

The --daemon option produces a basic report of the number of lines generated by each system daemon, as shown in the example below.

# petit --hash --daemon /var/log/syslog
847:	vmunix:
48:	CRON[#]:
30:	dhclient[#]:
26:	nm-dispatcher:
14:	rtkit-daemon[#]:
6:	smartd[#]:
5:	ntfs-#g[#]:
4:	udisksd[#]:
3:	mdm[#]:
2:	ag[#]:
2:	syslogd
1:	cinnamon-killer-daemon:
1:	cinnamon-session[#]:
1:	pulseaudio[#]:

To find the total number of lines generated by a particular host, use the --host flag as shown below. This can be useful when analyzing log files from more than one host.

# petit --host /var/log/syslog

999:	tecmint
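
The --hash, --daemon and --host reports above all come down to the same reduction: strip what varies from line to line, then count what is left. The following is an added example, not petit's own code; it approximates that reduction on constructed syslog lines, and the names `mask`, `reduce_log` and the `ignore` parameter (a simplified stand-in for a fingerprint of known-benign lines) are assumptions.

```python
import re
from collections import Counter

# Constructed sample in classic syslog layout (not taken from a real host).
SAMPLE = """\
Jun  8 09:45:59 tecmint CRON[2211]: (root) CMD (command -v debian-sa1 > /dev/null)
Jun  8 09:46:01 tecmint CRON[2290]: (root) CMD (command -v debian-sa1 > /dev/null)
Jun  8 09:46:03 tecmint dhclient[801]: DHCPREQUEST of 192.168.0.104 on wlan0
Jun  8 09:46:03 tecmint dhclient[801]: DHCPACK of 192.168.0.104 from 192.168.0.1
Jun  8 09:46:10 tecmint sshd[3120]: Failed password for root from 203.0.113.7 port 52211 ssh2
Jun  8 09:46:12 tecmint sshd[3124]: Failed password for root from 203.0.113.7 port 52240 ssh2
Jun  8 09:46:15 tecmint ntfs-3g[912]: Mounted /dev/sda2 (Read-Write)
this line is not syslog
""".splitlines()

# "Mon  D HH:MM:SS host tag message"; tag is the first token after the host.
SYSLOG = re.compile(r"^\w{3}\s+\d+\s[\d:]{8}\s(?P<host>\S+)\s(?P<tag>\S+)\s?(?P<msg>.*)$")

def mask(text):
    """Collapse every digit run to '#', so PIDs, ports and addresses stop mattering."""
    return re.sub(r"\d+", "#", text)

def reduce_log(lines, by="message", ignore=frozenset()):
    """Count lines that are identical after masking; return [(key, count), ...].

    by: "message" (tag + text), "daemon" (tag only) or "host".
    ignore: masked keys to drop, a stand-in for a fingerprint of known-benign lines.
    """
    counts = Counter()
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = SYSLOG.match(line)
        if m is None:
            key = mask(line)  # unrecognised format: hash the raw line
        elif by == "daemon":
            key = mask(m["tag"])
        elif by == "host":
            key = m["host"]
        else:
            key = mask(f'{m["tag"]} {m["msg"]}')
        if key not in ignore:
            counts[key] += 1
    return counts.most_common()

if __name__ == "__main__":
    for key, n in reduce_log(SAMPLE, by="daemon"):
        print(f"{n}:\t{key}")
```

Masking digits is what lets the two failed-login lines, which differ only in PID and source port, fall into one group with a count of 2.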

The --wordcount function is used to find and display the significant words in a log file.

# petit --wordcount /var/log/syslog
845:	[
97:	[mem
75:	ACPI:
64:	pci
62:	debian-sa#
62:	to
51:	USB
50:	of
49:	device
47:	&&
47:	(root)
47:	CMD
47:	usb
41:	systemd#
36:	ACPI
32:	>
32:	driver
32:	reserved
31:	(comm#
31:	-v

Graphing works in a key/value charting format, for side-by-side comparison of distributions, as shown in the examples below.

To graph the first 60 seconds of a syslog, use the --sgraph flag like this.

# petit --sgraph /var/log/syslog
#                                                           
#                                                           
#                                                           
#                                                           
#                                                           
############################################################
59                            29                           58 

Start Time:	2017-06-08 09:45:59 		Minimum Value: 0
End Time:	2017-06-08 09:46:58 		Maximum Value: 1
Duration:	60 seconds 			Scale: 0.166666666667

This example shows how to track and graph a specific word (for example "error" in the command below) in a log file.

# cat /var/log/messages | grep error | petit --mgraph
#                        #                          #       
#                        #                          #       
#                        #                          #       
#                        #                          #       
#                        #                          #       
############################################################
10                            40                           09 

Start Time:	2017-06-08 10:10:00 		Minimum Value: 0
End Time:	2017-06-08 11:09:00 		Maximum Value: 2
Duration:	60 minutes 			Scale: 0.333333333333

Additionally, to show samples for each entry in the log file, use the --allsample option like this.

# petit --hash --allsample /var/log/syslog

Important Petit files:

  • /var/lib/petit/fingerprint_library - used to build custom fingerprint files.
  • /var/lib/petit/fingerprints (collated fingerprint files) - used to filter out reboots and other events the system administrator does not consider important.
  • /var/lib/petit/filters/

For more information and usage options, read the petit man page like this.

# man petit
OR
# petit -h

Petit Homepage: http://crunchtools.com/software/petit/

Also read through these useful guides about log monitoring and management in Linux:

  1. 4 Good Open Source Log Monitoring and Management Tools for Linux
  2. How to Manage System Logs (Configure, Rotate and Import Into Database) in Linux
  3. How to Setup and Manage Log Rotation Using Logrotate in Linux
  4. Monitor Server Logs in Real-Time with "Log.io" Tool on Linux
