HPE Community
Operating System - HP-UX
1835852 Members
2922 Online
110085 Solutions
New Discussion

System log files Information

 
SOLVED
Go to solution
Josmar Martin
Occasional Contributor

‎04-12-2002 08:50 AM

‎04-12-2002 08:50 AM

System log files Information

Hi!!!

I need information about System log files, how to know what are they recording and what are his importance.

I want to rotate logs and I need to know which of them I can compress/remove most frequently.

Where can I find it?

Thanks.
0 Kudos
Reply
3 REPLIES 3
Helen French
Honored Contributor

‎04-12-2002 09:07 AM

‎04-12-2002 09:07 AM

Re: System log files Information

Hi,

The system has a lot of log files depends on the applications/process. One important log file is the syslog.log ( /var/adm/syslog). This is the main system log file. For configuring, you can use the /etc/syslog.conf file and the syslogd daemon

# man syslogd

Also there are lot of other log files in the systems - stm logs (/var/stm/logs), /etc/shutdownlog, /etc/rc.log etc. Check the /var directory for log files

HTH,
Shiju
Life is a promise, fulfill it!
0 Kudos
Reply
Mark Vollmers
Esteemed Contributor

‎04-12-2002 09:31 AM

‎04-12-2002 09:31 AM

Re: System log files Information

Josmar-

This might not be the best answer, but given the large number of logs, the most complete way would probably be to run a find command to look for everything with a .log extension (or look in SAM or just poke around) and manually open up the logs. Looking at the last couple pages of the log should give an idea about what it is recording and how often entries get put in. As to how often to trim or compress, that really depends on how you feel. Something like a syslog should not be considered the same as something that logs login attempts or something that records IP requests to the web server. You might be able to find info on some of the logs, but it's not likly that you'll find a shortcut for doing this manually, if you really want to be complete. My advice is to worry about the big ones (syslog, rclog, etc) and use something like SAM to keep everything else at a decent size.

Mark
"We apologize for the inconvience" -God's last message to all creation, from Douglas Adams "So Long and Thanks for all the Fish"
0 Kudos
Reply
S.K. Chan
Honored Contributor

‎04-12-2002 08:07 PM

‎04-12-2002 08:07 PM

Solution

Re: System log files Information

In my opinion these would the the log files that you should be concerned with when it comes to its growth.
Meaning these would be the ones that you would rotate. A good practice would be archived saved logs and only delete them after some time. It depends on the policy you've established at your site. In my case old log files will be deleted after 6 months.
This is just based on what I have on our system, certainly not exhaustive.
1- /var/adm/syslog/syslog
==> The "mother" of all system log files, it logs everything, bootup, hardware errors, connection, etc, etc.
2- /var/adm/syslog/mail.log
==> records all sendmail activities
3- /var/adm/cron/cron.log
==> Logs cron activation
4- /var/adm/sw/*.log
==> SD logs. The one that's going to grow the fastest is swagent.log
5- /var/adm/lp/log
==> Logs print spooler activities. Usually quite manageble unless you got a lot of print request.
6- /var/adm/utmp , wtmp , btmp
==> Holds info for commands like last, who, write and login.
7- /var/adm/sulog
==> Keep tracks of who did su.
8- /var/adm/shutdownlog
==> Keep tracks of who did a shutdown/reboot.
9- /var/sam/log/samlog
==> Logs SAM related activities.
10- /var/opt/
==> At this level, it depends on what application you have on your system. Some examples includes ..perf, OV, samba, ignite..

hope that helps ..
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.