System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.


Section Overview
- Automation of Periodic Tasks
- Scheduling and Cron
- Syslog
- Accounting

References
- CQU System Administration Course, Chapter 14

Automation and Observation
- Automation
  - Simplify repetitive tasks
  - Shell Scripting
  - Task Scheduling
- Observation
  - Current
  - Historical

SA Task Classification
          Easy        Hard
Rarely    Manually    Document
Often     Automate    Purchase
Source: Time Management for SAs, Thomas A Limoncelli

Periodic Processes
- Some tasks need to be run at set times
- crond
  - Runs programs specified in a crontab file
  - Each user has own crontab file
  - crontab command used to modify crontab files

crontab File Format
Field      Description                    Range
Minute     Minute of the hour             0 – 59
Hour       Hour of the day                0 – 23
Day        Day of the month               1 – 31
Month      Month of the year              1 – 12
Weekday    Day of week (Sun – Sat)        0 – 6
Command    Command to run

crontab Range Format
Format        Description
Value         Exact value
*             Match all values
Val1-Val2     Match values between Val1 and Val2
V1-V2/Step    Every Step between V1 and V2
Val1,Val2     Match Val1 and Val2
Note: ‘-’, ‘/’, and ‘,’ can be combined
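The field and range rules from the two crontab slides above, worked through as an added example (not part of the original slides): it expands each time field and tests whether an entry fires at a given minute. The sample entries and script paths are constructed; the rule that a restricted day-of-month and a restricted weekday are satisfied by either one is standard cron behaviour that the slides do not state.

```python
from datetime import datetime

# (low, high) for minute, hour, day of month, month, weekday, per the table above
RANGES = [(0, 59), (0, 23), (1, 31), (1, 12), (0, 6)]

def expand(expr, lo, hi):
    """Return the set of integers that one crontab time field matches."""
    values = set()
    for part in expr.split(","):                 # ',' lists alternatives
        span, _, step = part.partition("/")      # optional '/Step'
        step = int(step) if step else 1
        if span == "*":
            first, last = lo, hi
        elif "-" in span:
            first, last = (int(n) for n in span.split("-"))
        else:
            first = last = int(span)
        if step < 1 or not lo <= first <= last <= hi:
            raise ValueError(f"bad field {part!r} for range {lo}-{hi}")
        values.update(range(first, last + 1, step))
    return values

def matches(entry, when):
    """True if the crontab line `entry` would start its command at `when`."""
    fields = entry.split(None, 5)
    if len(fields) < 6:
        raise ValueError("expected five time fields and a command")
    minute, hour, day, month, wday = (
        expand(f, lo, hi) for f, (lo, hi) in zip(fields, RANGES))
    dow = (when.weekday() + 1) % 7               # cron: 0 = Sunday
    if fields[2].startswith("*") or fields[4].startswith("*"):
        date_ok = when.day in day and dow in wday
    else:                                        # both restricted: either may match
        date_ok = when.day in day or dow in wday
    return (when.minute in minute and when.hour in hour
            and when.month in month and date_ok)

# Constructed sample entries (script paths are placeholders)
WORKDAY = "0,30 8-17/3 * * 1-5 /usr/local/bin/check_disk"
FIRST_OR_SUNDAY = "0 4 1 * 0 /usr/local/bin/rotate_logs"

if __name__ == "__main__":
    print(sorted(expand("8-17/3", 0, 23)))
    print(matches(WORKDAY, datetime(2011, 3, 7, 11, 30)))
```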

crontab Command
crontab [-e|-l|-r] [user]
- -e : Edit the crontab file
- -l : List the contents of the crontab file
- -r : Remove the crontab file
- Root can specify other user crontabs

Access Control for cron
- Can control which users may use cron
- cron.allow
  - List of users permitted to use cron
  - Checked first
- cron.deny
  - List of users denied access to cron
  - Checked if cron.allow does not exist
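An added example (not from the original slides) of the precedence described above, useful when auditing a host: once cron.allow exists, cron.deny is ignored entirely. The directory argument, the user names in the test data and the `default_allow` parameter are assumptions; what happens when neither file exists differs between systems, so it is left to the caller.

```python
import stat
from pathlib import Path

def read_users(path):
    """One login name per line; blank lines are ignored."""
    return {ln.strip() for ln in Path(path).read_text().splitlines() if ln.strip()}

def cron_access(user, etc_dir, default_allow=False):
    """Return (allowed, reason) for `user`, following the slide's order of checks."""
    allow = Path(etc_dir) / "cron.allow"
    deny = Path(etc_dir) / "cron.deny"
    if allow.exists():                  # checked first; cron.deny is not consulted
        ok = user in read_users(allow)
        return ok, "listed in cron.allow" if ok else "not listed in cron.allow"
    if deny.exists():                   # only reached when cron.allow is absent
        bad = user in read_users(deny)
        return not bad, "listed in cron.deny" if bad else "not listed in cron.deny"
    # Assumption: the fallback is system-dependent, so the caller chooses it.
    return default_allow, "neither file exists"

def loose_permissions(etc_dir):
    """Names of control files that group or other users could rewrite."""
    flagged = []
    for name in ("cron.allow", "cron.deny"):
        p = Path(etc_dir) / name
        if p.exists() and p.stat().st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            flagged.append(name)
    return flagged
```

A user listed in cron.deny is still permitted if the same name also appears in cron.allow, which is why both files should be reviewed together.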

ISC (“Vixie”) Cron
- Replacement for standard cron daemon
- /etc/crontab – System crontab file
  - Inserted “run-as” field (6)
- run-parts
  - Scripts put into /etc/cron.
  - cron.hourly (run 1 minute after every hour)
  - cron.daily (run 4:02 daily)
  - cron.weekly (run 4:22 every Sunday)
  - cron.monthly (run 4:42 first of every month)

Windows Task Scheduler
- Administrative Tools->Task Scheduler
- Trigger based
  - Time
  - State
- Special Conditions
  - Idle
  - Power (AC or Battery)
  - Network Connections
- Actions
  - Run a program
  - Send
  - Display a message

Current System Status
- Disk Space Usage
  - du : Disk space used by file/directory
  - df : Disk space used by file system
- Memory/CPU Usage
  - ps
  - uptime
  - free/swap
  - top/System Monitor

Historical Observation
- Log files
  - Server daemons
  - RSyslog
  - Automated tools
    - swatch
    - Logcheck
    - Splunk
- Accounting
  - Logins/logouts
  - Process usage
- /var/log

rsyslog : System Logger
- Central logging facility
- Standard API
- Components
  - syslogd
  - /etc/rsyslog.conf
  - logger
  - Log files

rsyslog.conf
- Format: selector action
- Selector – facility.level
  - Facility – Who or What
    - ‘,’ – Separates multiple facilities
  - Level – When
    - ‘=’ – Matches level
    - No ‘=’ – Matches level and all above
  - ‘;’ – Separates multiple selectors
  - ‘*’ – Match all facilities or levels
- Action – What to do with the message

Common Syslog Facilities
Facility    Source
kern        Kernel
mail        Sendmail
lpr         Printing
daemon      System Daemons
cron        Cron Daemon
user        User processes (default)
local0-7    Locally assigned
auth        Security & Authentication

Syslog Severity Levels
Level      Condition
emerg      Panic situations
alert      Urgent situations
crit       Critical conditions
err        Other error conditions
warning    Warning messages
notice     Things to check?
info       Information messages
debug      Debugging only

Syslog Actions
Action           Meaning
filename         Writes message in
                 Forwards message to
                 Forwards message to host at IP
user1,user2,…    Send to user screens (if logged in)
*                Send to all logged in user screens
Multiple actions require multiple lines!
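An added example (not from the original slides) that applies the selector rules and severity order from the slides above to decide which actions receive a given message, a quick way to confirm that security-relevant messages such as `auth` are captured. The rule set and log file paths are constructed, and only the selector syntax shown on the slides is handled.

```python
# Severity order from the slide, most severe first.
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def selector_matches(selector, facility, level):
    """True if a message with facility.level is selected by `selector`."""
    sev = LEVELS.index(level)
    for item in selector.split(";"):             # ';' separates selectors
        facs, dot, lvl = item.strip().partition(".")
        if not dot or not lvl:
            raise ValueError(f"selector {item!r} is not facility.level")
        fac_ok = facs == "*" or facility in facs.split(",")   # ',' joins facilities
        if lvl == "*":
            lvl_ok = True
        elif lvl.startswith("="):                # '=' : this level only
            lvl_ok = LEVELS.index(lvl[1:]) == sev
        else:                                    # no '=' : this level and all above
            lvl_ok = sev <= LEVELS.index(lvl)
        if fac_ok and lvl_ok:
            return True
    return False

def route(config, facility, level):
    """Return the actions, in file order, that a message would trigger."""
    actions = []
    for line in config.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector, action = line.split(None, 1)   # selector <whitespace> action
        if selector_matches(selector, facility, level):
            actions.append(action.strip())
    return actions

# Constructed rule set for illustration; one action per line, as the slide requires.
SAMPLE_CONF = """\
auth.*                  /var/log/secure
mail,cron.=err          /var/log/daemon-errors
kern.crit;*.emerg       *
*.info                  /var/log/messages
"""

if __name__ == "__main__":
    print(route(SAMPLE_CONF, "auth", "debug"))
    print(route(SAMPLE_CONF, "cron", "debug"))
```

In this rule set a `cron.debug` message matches nothing and is dropped, while `auth.debug` is kept only because of the explicit `auth.*` rule.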

Login Accounting
- wtmp – DB of all logins and logouts
  - Time
  - User/TTY
  - Where
- utmp – DB of currently logged in users
- Reports
  - who/w – Lists currently logged in users
  - last – Lists all login sessions
  - lastlog – List last time users logged in

Process Accounting
- Process information tracked
  - Users
  - Commands run
  - CPU, memory, and I/O usage
- Accounting system
  - accton – Turns accounting on
  - lastcomm – last command run by user
  - Vendor specific tools
- Can eat a lot of disk space quickly!!!

Windows Event Viewer
- Administrative Tools->Event Viewer
- Event Logs
  - Windows Logs
    - Application
    - Setup
    - Security
    - System
    - Forwarded
  - Application and Service Logs
  - Subscriptions

Windows Event Levels
- Critical
- Error
- Warning
- Information
- Verbose
- Audit (Security)
  - Success
  - Failure

Why track usage?
- $$$ - Charging for usage
- Track user abuse of resources
- Generating a usage baseline for users
- Reports for management

How long to keep logs?
- Don’t log at all
- Reset the logs periodically
- Rotate log files
  - Via cron
  - date command
- Permanently archive log data
  - File compression tools
  - Tape
  - CDROM