Presentation is loading. Please wait.

Presentation is loading. Please wait.

System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.

Published byBetty Webb Modified over 8 years ago

Similar presentations

Presentation on theme: "System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University."— Presentation transcript:

1 System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University

2 Section Overview Automation of Periodic Tasks Scheduling and Cron Syslog Accounting

3 References CQU 85321 System Administration Course Chapter 14

4 Automation and Observation Automation Simplify repetitive tasks Shell Scripting Task Scheduling Observation Current Historical

5 SA Task Classification EasyHard Rarely Often ManuallyDocument AutomatePurchase Source: Time Management for SAs Thomas A Limoncelli

6 Periodic Processes Some tasks need to be run at set times crond Runs programs specified in a crontab file Each user has own crontab file crontab command used to modify crontab files

7 crontab File Format FieldDescriptionRange MinuteMinute of the hour0 – 59 HourHour of the day0 – 23 DayDay of the month1 – 31 MonthMonth of the year1 – 12 WeekdayDay of week (Sun – Sat)0 – 6 CommandCommand to run

8 crontab Range Format FormatDescription ValueExact value *Match all values Val1 – Val2Match values between Val1 and Val2 V1 – V2 / StepEvery between V1 and V2 Val1,Val2Match Val1 and Val2 Note: ‘-’, ‘/’, and ‘,’ can be combined

9 crontab Command crontab [-e|-l|-r] [user] -e : Edit the crontab file -l : List the contents of the crontab file -r : Remove the crontab file Root can specify other user crontabs

10 Access Control for cron Can control which users may use cron cron.allow List of users permitted to use cron Checked first cron.deny List of users denied access to cron Checked if cron.allow does not exist

11 ISC (“Vixie”) Cron Replacement for standard cron daemon /etc/crontab – System crontab file Inserted “run-as” field (6) run-parts Scripts put into /etc/cron. cron.hourly (run 1 minute after every hour) cron.daily (run 4:02 daily) cron.weekly (run 4:22 every Sunday) cron.monthy (run 4:42 first of every month)

12 Windows Task Scheduler Administrative Tools->Task Scheduler Trigger based Time State Special Conditions Idle Power (AC or Battery) Network Connections Actions Run a program Send email Display a message

13 Current System Status Disk Space Usage du : Disk space used by file/directory df : Disk space used by file system Memory/CPU Usage ps uptime free/swap top/System Monitor

14 Historical Observation Log files Server daemons RSyslog Automated tools  swatch  Logcheck  Splunk Accounting Logins/logouts Process usage /var/log

15 rsyslog : System Logger Central logging facility Standard API Components syslogd /etc/rsyslog.conf logger Log files

16 rsyslog.conf Format: selectoraction Selector – facility.level Facility - Who or What  ‘,’ – Separates multiple facilities Level – When  ‘=’ – Matches level  No ‘=’ – Matches level and all above ‘;’ – Separates multiple selectors ‘*’ – Match all facilities or levels Action - What to do with the message

17 Common Syslog Facilities FacilitySource kern Kernel mail Sendmail lpr Printing daemon System Daemons cron Cron Daemon user User processes (default) local0-7 Locally assigned auth Security & Authentication

18 Syslog Severity Levels LevelCondition emerg Panic situations alert Urgent situations crit Critical conditions err Other error conditions warning Warning messages notice Things to check? info Information messages debug Debugging only

19 Syslog Actions ActionMeaning filename Writes message in filename @hostname Forwards message to hostname @ipaddress Forwards message to host at IP user1,user2,… Send to user screens (if logged in) * Send to all logged in user screens Multiple actions require multiple lines!

20 Login Accounting wtmp – DB of all logins and logouts Time User/TTY Where utmp – DB of currently logged in users Reports who/w – Lists currently logged in users last – Lists all login sessions lastlog – List last time users logged in

21 Process Accounting Process information tracked Users Commands run CPU, memory, and I/O usage Accounting system accton – Turns accounting on lastcomm – last command run by user Vendor specific tools Can eat a lot of disk space quickly!!!

22 Windows Event Viewer Administrative Tools->Event Viewer Event Logs Windows Logs  Application  Setup  Security  System  Forwarded Application and Service Logs Subscriptions

23 Windows Event Levels Critical Error Warning Information Verbose Audit (Security) Success Failure

24 Why track usage? $$$ - Charging for usage Track user abuse of resources Generating a usage baseline for users Reports for management

25 How long to keep logs? Don’t log at all Reset the logs periodically Rotate log files Via cron date command Permanently archive log data File compression tools Tape CDROM

Download ppt "System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University."

Similar presentations

Managing logs with syslog-ng and SWATCH AfNOG 11, Kigali/Rwanda.

Managing logs with syslog-ng and SWATCH AfNOG 11, Kigali/Rwanda.
Week 6: Chapter 6 Agenda Automation of SQL Server tasks using: SQL Server Agent Scheduling Scripting Technologies.

Week 6: Chapter 6 Agenda Automation of SQL Server tasks using: SQL Server Agent Scheduling Scripting Technologies.
NetComm Wireless Logging Architecture Feature Spotlight.

NetComm Wireless Logging Architecture Feature Spotlight.
Syslog and log files1-1 Syslog and Log Files  From logfiles, you can find m important information m History m Errors/warnings  Logging policies m Reset.

Syslog and log files1-1 Syslog and Log Files  From logfiles, you can find m important information m History m Errors/warnings  Logging policies m Reset.
Detecting Intruders from log files and traces Special Intruder Detection Systems (IDS) are now a market niche, and there are many products on the market.

Detecting Intruders from log files and traces Special Intruder Detection Systems (IDS) are now a market niche, and there are many products on the market.
CIS 193A – Lesson3 Vigilance! Logging & Monitoring Syslog Logrotate Logwatch Accounting.

CIS 193A – Lesson3 Vigilance! Logging & Monitoring Syslog Logrotate Logwatch Accounting.
2000 Copyrights, Danielle S. Lahmani UNIX Tools G22.2245-001, Fall 2000 Danielle S. Lahmani Lecture 12.

2000 Copyrights, Danielle S. Lahmani UNIX Tools G , Fall 2000 Danielle S. Lahmani Lecture 12.
A Guide to Unix Using Linux Fourth Edition

A Guide to Unix Using Linux Fourth Edition
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.
Chapter 11 Monitoring and Analyzing the Web Environment.

Chapter 11 Monitoring and Analyzing the Web Environment.
Chapter 11 - Monitoring Server Performance1 Ch. 11 – Monitoring Server Performance MIS 431 – created Spring 2006.

Chapter 11 - Monitoring Server Performance1 Ch. 11 – Monitoring Server Performance MIS 431 – created Spring 2006.
Syslogd Tracking system events. Log servers Applications are constantly encountering events which should be recorded –users attempt to login with bad.

Syslogd Tracking system events. Log servers Applications are constantly encountering events which should be recorded –users attempt to login with bad.
Chapter 9 Periodic Processes. Computer Center, CS, NCTU 2 CRON – Schedule Commands (1)  What we want? Do things at right time automatically  cron daemon.

Chapter 9 Periodic Processes. Computer Center, CS, NCTU 2 CRON – Schedule Commands (1)  What we want? Do things at right time automatically  cron daemon.
Information Networking Security and Assurance Lab National Chung Cheng University Investigating Unix System.

Information Networking Security and Assurance Lab National Chung Cheng University Investigating Unix System.
Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.
Using the Windows Event Viewer and Task Scheduler Chapter 5.

Using the Windows Event Viewer and Task Scheduler Chapter 5.
NOC TOOLS syslog AfNOG 2009 - Cairo, SI-E, 2 of 5 Sunday Folayan.

NOC TOOLS syslog AfNOG Cairo, SI-E, 2 of 5 Sunday Folayan.
AfChix 2011 Blantyre, Malawi Log management. Log management and monitoring ■ What is log management and monitoring ? ● It's about keeping your logs in.

AfChix 2011 Blantyre, Malawi Log management. Log management and monitoring ■ What is log management and monitoring ? ● It's about keeping your logs in.
Maintaining Host Security Logs.  Security logs are invaluable for verifying whether the host's defenses are operating properly.  Another reason to maintain.

Maintaining Host Security Logs.  Security logs are invaluable for verifying whether the host's defenses are operating properly.  Another reason to maintain.
Virtual Memory Tuning   You can improve a server’s performance by optimizing the way the paging file is used   You may want to size the paging file.

Virtual Memory Tuning   You can improve a server’s performance by optimizing the way the paging file is used   You may want to size the paging file.

Similar presentations

Ads by Google