Server Load Logging
Nov 23, 2007Is there any script which keep logging CPU and memory usage, sometimes server crashes and i want to know what caused it
View 4 RepliesIs there any script which keep logging CPU and memory usage, sometimes server crashes and i want to know what caused it
View 4 RepliesFirstly this question is not related to running a web hosting business, but to dedicated servers hosting our own websites.
I was just wondering, other than security reasons, what is the importance (if any) of keeping Apache/WWW logs? Are there legal reasons?
If it is best to keep Apache logs, how should we go about this? If we don't look after them properly there will be massive amounts of logs being kept - what is the best way to store them? I know they can be "rolled over" and kept for a certain amount of time, which is the best utility to do this?
The OS is Linux (CentOS) and the web servers are Apache and Lighttpd.
and should proxy/gateway/cache server logs be kept?
Does anyone have an app they use to track the bandwidth/usage for each connected computer/server?
we have multiple servers hooked up to one internet connection, all running miscrosoft windows software. Ideally i would like ONE of the servers running microsoft 2003 to log all others network usage.
All the servers do different things, so it would be great to check which are under most demand etc.
The other thing is, naturally i dont have screens for them all, only one. So this is the main reason for remote logging. Would be hassle to have to Remote desktop into each one to check how there doing every hour etc.
Anyone know of some good server load testers ( commercial )?
Im not looking for application based load testing, I need real web server load testing... need to see how much traffic this one site can take before it cries.
Is it possible to log only SQL queries/transactions for a single account (domain)?
I can easily enable logging for the entire server, but I really only need it for a single domain.
MySQL version 5.0.67
I just bought a new dedicated server and have got Lxadmin on it. Now lxadmin , automatically uses a different loggin system than I would want it to use. It creates a seperate log file for each doamin.
They are located in /home/httpd/EXAMPLE.com/stats
EXAMPLE.com-error_log
EXAMPLE.com-custom_log
Now the problem is that I have literally hundreds of domains and I want it to instead log at a single place and not at these hundreds of seperate places.
This is the root cause of my problem
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
I am unable to have any kind of centralised logging command because of the individual entries for each Virtual host.
Even if i can manually remove those entries once, and new domain created by lxadmin will have that same problem. Morevoer, any kind of update of lxadmin which rebuilds the database will also ruin all the hardwork that I put in.
Is there any suggestion / solution to this problem? Have centralised data at one place in a single file?
Who here uses remote logging?
If yes state what you are using after voting on the poll.
We have quite a large number of servers now but I'm now finding it harder and harder to keep log of the number of details for it. How do the bigger guys keep control on this? Ie: Keeping logs of the serial/product keys of each part in the server, where they were ordered from, what date was it ordered etc?
My collection of growing motherboard, ram, processor boxes (which all store the serials of the products on) are now slowly taking over the office even when flat packed. I normally just write on each of the boxes where the product was ordered from, date of order and server name. While this is all well and good.. 50 servers later it can be a bugger to find the serial of that dedi mobo without going to the DC.
I tried my efforts at a simple Access database but I kept finding I spent more and more time typing in complex keycodes into the DB and just gave up. When this has been done it sounds nice and easy but then I hit another stump.
Ontop of logging a new servers details, how do you log which server is available to be sold, who its been sold too? ATM we have a VPN shared spreadsheet with all the details in (praying that the other employees will actually update it) but Im not sure if it will stand up when it hits 100+ servers rather than the 50+ atm.
I'm having the oddest issue. For some reason, some of the websites on my server load fine, and some take a really long time to load (2 minutes).
Now, the server load is fine, and the size of the sites aren't the issue either. I've restarted Apache and a couple more services, and still the same sites seem to load very slow.
What could be causing this since it's only effecting certain websites?
Running Apache 2.2.2 and PHP 5.2.5, and my error_logs are filling up with PHP notices. I'd like to turn this feature off, but I must be missing something here. I've edited the php.ini and set error_reporting = E_ALL & ~E_NOTICE, and reloaded apache, but I still get the same php notices over and over again in the httpd error log.
View 1 Replies View RelatedFor some reason on a box I have, it takes 25 seconds from the time I hit enter for a usernames password for it to login via SSH. I am running CentOS 4.4
Is there something I can check to see why it is taking so long and/or fix this?
Just turned on extended logging in exim. Went through the log (exim_mainlog) and have thousands of these:
2007-01-08 01:44:10 cwd=/tmp 2 args: /usr/sbin/sendmail -bS
2007-01-08 01:44:12 cwd=/tmp 2 args: /usr/sbin/sendmail -ti
2007-01-08 01:44:50 cwd=/tmp 2 args: /usr/sbin/sendmail -bS
Looked in the /tmp dir. and see nothing interesting. Looks like sendmail has been hijacked. Not sure what to look for now.
I have Cpanel VPS account, and have been regularly backing up all my outgoing emails (via SMTP, imap or webmail) with the following:
Added to following lines in /etc/antivirus.exim
Code:
if first_delivery
and ("$h_from:" contains "username@domain.com")
then
unseen deliver "backup@anotherdomain.com"
endif
So, this worked well for the longest time. At some point it 'disappeared' and stopped working which I guess was due to some update, and putting it back it got it working again.
Recently, I had a new vps, moved my domain there and dropped the same bit in, but this time around, it didn't work.
Is it possible that antivirus.exim isn't being parsed? How do I check? Or is there somewhere else I can stick it into so it'll always work and not get replaced by some cpanel update?
I'm looking at allowing remote telnet into my server.
like any security-minded administrator, I want to log what my users type on the telnet session.
I'm using the script command to generate transcripts of the users session.
I have /etc/profile set to automatically start the script command to log user activity, and in /etc/bash.bash_logout I have a command that emails me the transcript of the users' session.
All of the above works well except for one thing:
the users can type "exit" to escape from my script logging and any commands they type won't get logged.
Does anyone have snort logging to a mysql database?
I am trying to get that to work so I can view the alerts with BASE.
I followed the instructions but snort is not logging to the DB,
We have a box
Cpanel 11
PHP5+ Zend 3.3 +eaccelerator 0.9.5.2+Gzip
CentOS 4
our error_log keeps to have errors
No log handling enabled - turning on stderr logging
Cannot rename /var/net-snmp/snmpapp.conf to /var/net-snmp/snmpapp.0.conf
We have make sure net-snmp is up to date, but still these erros time to time
Client uses drupal system which seems not working well EA, causing a lot of segments fault
The worse is that it seems error happen only when eaccelerator installed
commands to log packets temporarily for a certain udp port with the IP information ect.
Any help would be appreciated. As for what I am doing, I am trying to find anything wierd or something that stands out from the packets sent from external IP's to my server.
how to enable slow-query logging in MySQL ? Im using mysql version 4.1.20
well i just added following line in my.cnf can you please tell me is it correct way or not?
Code:
log-slow-queries=/tmp/slow_queries.log
log-update = /var/lib/mysql/updates.log
I have Apache 2.4.6 x64 installation. With the lapse of time, more and more threads appear that are stuck in "L" state.
They are all gone after httpd restart, leaving 408 errors in access logs. What can be the reason?
Can mod_log_rotate be involved? Currently it's set to rotate every 2 days.
We have a VPS system running with Plesk but after a nightly automatic update there was a error message in Plesk, with a link to 'fix' the problem. After that Plesk stopped functioning. Now, when we log in with correct credentials (we know its correct because we if incorrect, we get a message its incorrect, so thats working) we're presented with this error:
Error: Call to a member function getName() on a non-object (MainMenu.php:48).
Since some days I have the strange issue that all logings from DrWeb is shown directly into the console. For example if I connect to my Server via SSH and then I sned an email to my email accoutn I see the logging of the spool.
root@************:~# 2015 Mar 25 16:44:57 * 127.0.0.1 [13727] /var/spool/drweb/spool/drweb.tmp.tWcneM - archive MAIL
2015 Mar 25 16:44:57 * 127.0.0.1 [13727] >/var/spool/drweb/spool/drweb.tmp.tWcneM/3.part - Ok
2015 Mar 25 16:44:57 * 127.0.0.1 [13727] >/var/spool/drweb/spool/drweb.tmp.tWcneM/4.part - Ok
2015 Mar 25 16:44:57 * 127.0.0.1 [13727] >/var/spool/drweb/spool/drweb.tmp.tWcneM/5.reexport - Ok
2015 Mar 25 16:44:57 * 127.0.0.1 [13727] /var/spool/drweb/spool/drweb.tmp.tWcneM - Ok
this happens in my root shell. if I disable the Email check then this will not happen anymore. another strange issue is that if I restart drweb and I have more than 1 ssh shell open I see the output of the restart on all shells, this issue is only for drweb not for any other service. How to config drweb to log only into logfile not to the console?
I search the web and the only thing I can find was
[URL]
In the FreeBSD operating system, syslog service can intercept information output by Dr.Web Daemon to the console. In this case, the information is logged character-by-character. That occurs when the logging level is set to *.info in the syslog configuration file (syslog.conf).
I've got a problem at a local customer with rotatelogs.exe and the current release of Apache HTTPD 2.4.12.
I've downloaded the 64-bit zip-file (VC11) and installed the VC11 vcredist in both 32- and 64-bit version.
The project is to upgrade apache 2.2 to apache 2.4. I've adjusted the configuration and added rotatelogs for log rotation for error_log and access_log.
The configuration is 100% correct, I can copy the line to cmd.exe and it runs correctly.
Variables are set in global environment, APACHE_HOME is set with "/" instead of "" to get sure rotatelogs.exe is found.
I am running ubuntu 8.10 installed mysql 5.1.30 from source. i am trying to change passwords for some of the users but I keep getting the error listed in the title. Does anyone know whats going wrong ?
Code:
.mysqladmin: Can't turn off logging; error: 'Access denied; you need the SUPER privilege for this operation'
I've been having trouble with my VPS for a while now. In the QoS alerts page in Virtuozzo it seems to be a problem with numtcpsock and tcprcvbuf, mainly numtcpsock.
Copy these into the browser:
i18.photobucket.com/albums/b106/gnatfish/qosnumtcpsock2.jpg
And when i run cat /proc/user_beancounters:
i18.photobucket.com/albums/b106/gnatfish/beancounters2.jpg
This line is particularly scary:
numtcpsock 164 164 166 166 7321
What do i need to do, to get the website running again? It's only one site on the vps a proxy. So i thought a vps would be able to handle one proxy.
Any good and simple script to see Server status, server load, bandwidth, etc...?
is there like a simple script where it shows me the server info?
Like how much RAM is being used, bandwidth, load, etc?
We have CentOS 4 and WHM 11 on server .
Now-a-days server is having too much load due to http and in access logs we see following message :
========================================
127.0.0.1 - - [11/Oct/2008:01:40:02 -0700] "OPTIONS * HTTP/1.0" 200 -
127.0.0.1 - - [11/Oct/2008:01:40:03 -0700] "OPTIONS * HTTP/1.0" 200 -
127.0.0.1 - - [11/Oct/2008:01:40:02 -0700] "OPTIONS * HTTP/1.0" 200 -=============================================
And due to this there is load on server. We are not able to understand why this is happening and how to stop this. So please suggest with some solution.
I am facing a strange issue with two RPG games sites that i am hosting on a 2GB ram server with softlayer, each of these sites was running on a 512MB VPS and they were doing fine but i decided to move them to better server so things run smoother when each has 50+ members online.
So the issue is when i have around 40 online members on each site, they start coughing up mysql errors, sometimes the sites just hang and stop loading, server load goes up to 3 or 4 but memory usage remains around 40%, I also notice that mysql uses the most of the CPU usage, around 75%
What i probably need is for someone to identify the cause of this, can it be an attack of some sort? or is it probably some code issues in the sites? do you recommend anyone that can have a look at this?