system monitoring and automation csci n321 – system and network administration copyright © 2000,...
TRANSCRIPT
![Page 1: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/1.jpg)
System Monitoring and Automation
CSCI N321 – System and Network Administration
Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University
![Page 2: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/2.jpg)
Section Overview
Automation of Periodic Tasks
Scheduling and Cron
Syslog
Accounting
![Page 3: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/3.jpg)
References
CQU 85321 System Administration Course Chapter 14
![Page 4: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/4.jpg)
Automation and Observation
Automation Simplify repetitive tasks Shell Scripting Task Scheduling
Observation Current Historical
![Page 5: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/5.jpg)
SA Task Classification
EasyEasy HardHard
RarelyRarely
OftenOften
ManuallyManually DocumentDocument
AutomateAutomate PurchasePurchase
Source: Source: Time Management for SAsTime Management for SAsThomas A LimoncelliThomas A Limoncelli
![Page 6: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/6.jpg)
Periodic Processes
Some tasks need to be run at set times
crond Runs programs specified in a crontab file Each user has own crontab file crontab command used to modify crontab files
![Page 7: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/7.jpg)
crontab File Format
FieldField DescriptionDescription RangeRange
Minute Minute of the hour 0 – 59
Hour Hour of the day 0 – 23
Day Day of the month 1 – 31
Month Month of the year 1 – 12
Weekday Day of week (Sun – Sat) 0 – 6
Command
Command to run
![Page 8: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/8.jpg)
crontab Range Format
FormatFormat DescriptionDescription
Value Exact value
* Match all values
Val1 – Val2 Match values between Val1 and Val2
V1 – V2 / Step
Every <step> between V1 and V2
Val1,Val2 Match Val1 and Val2
Note: ‘-’, ‘/’, and ‘,’ can be combined
![Page 9: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/9.jpg)
crontab Command
crontab [-e|-l|-r] [user]
-e: Edit the crontab file-l: List the contents of the crontab file-r: Remove the crontab fileRoot can specify other user crontabs
![Page 10: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/10.jpg)
Access Control for cron
Can control which users may use croncron.allow List of users permitted to use cron Checked first
cron.deny List of users denied access to cron Checked if cron.allow does not exist
![Page 11: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/11.jpg)
ISC (“Vixie”) Cron
Replacement for standard cron daemon /etc/crontab – System crontab file Inserted “run-as” field (6) run-parts
Scripts put into /etc/cron.<period> cron.hourly (run 1 minute after every hour) cron.daily (run 4:02 daily) cron.weekly (run 4:22 every Sunday) cron.monthy (run 4:42 first of every month)
![Page 12: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/12.jpg)
Windows Task SchedulerAdministrative Tools->Task SchedulerTrigger based
Time State
Special Conditions Idle Power (AC or Battery) Network Connections
Actions Run a program Send email Display a message
![Page 13: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/13.jpg)
Current System Status
Disk Space Usage du: Disk space used by file/directory df: Disk space used by file system
Memory/CPU Usage ps uptime free/swap top/System Monitor
![Page 14: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/14.jpg)
Historical ObservationLog files Server daemons RSyslog Automated tools
swatch Logcheck Splunk
Accounting Logins/logouts Process usage/var/log
![Page 15: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/15.jpg)
rsyslog: System Logger
Central logging facilityStandard APIComponents syslogd /etc/rsyslog.conf logger Log files
![Page 16: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/16.jpg)
rsyslog.conf
Format: selector actionSelector – facility.level Facility - Who or What
‘,’ – Separates multiple facilities Level – When
‘=’ – Matches level No ‘=’ – Matches level and all above
‘;’ – Separates multiple selectors ‘*’ – Match all facilities or levels
Action - What to do with the message
![Page 17: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/17.jpg)
Common Syslog Facilities
FacilityFacility SourceSource
kern Kernel
mail Sendmail
lpr Printing
daemon System Daemons
cron Cron Daemon
user User processes (default)
local0-7 Locally assigned
auth Security & Authentication
![Page 18: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/18.jpg)
Syslog Severity Levels
LevelLevel ConditionCondition
emerg Panic situations
alert Urgent situations
crit Critical conditions
err Other error conditions
warning Warning messages
notice Things to check?
info Information messages
debug Debugging only
![Page 19: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/19.jpg)
Syslog Actions
ActionAction MeaningMeaning
filename Writes message in filename
@hostname Forwards message to hostname
@ipaddress Forwards message to host at IP
user1,user2,… Send to user screens (if logged in)
* Send to all logged in user screens
Multiple actions require multiple lines!
![Page 20: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/20.jpg)
Login Accounting
wtmp – DB of all logins and logouts Time User/TTY Where
utmp – DB of currently logged in usersReports who/w – Lists currently logged in users last – Lists all login sessions lastlog – List last time users logged in
![Page 21: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/21.jpg)
Process Accounting
Process information tracked Users Commands run CPU, memory, and I/O usage
Accounting system accton – Turns accounting on lastcomm – last command run by user Vendor specific tools
Can eat a lot of disk space quickly!!!
![Page 22: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/22.jpg)
Windows Event Viewer
Administrative Tools->Event ViewerEvent Logs Windows Logs
Application Setup Security System Forwarded
Application and Service Logs
Subscriptions
![Page 23: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/23.jpg)
Windows Event Levels
CriticalErrorWarningInformationVerboseAudit (Security) Success Failure
![Page 24: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/24.jpg)
Why track usage?
$$$ - Charging for usageTrack user abuse of resourcesGenerating a usage baseline for usersReports for management
![Page 25: System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University](https://reader030.vdocument.in/reader030/viewer/2022033106/56649e4f5503460f94b46f14/html5/thumbnails/25.jpg)
How long to keep logs?
Don’t log at allReset the logs periodicallyRotate log files Via cron date command
Permanently archive log data File compression tools Tape CDROM