4 Good Open Source Log Monitoring and Management Tools for Linux


When an operating system such as Linux is running, many events take place and many processes run in the background to enable efficient and reliable use of system resources. These events may occur in system software, for example the init process or systemd, or in user applications such as Apache, MySQL, FTP, and many more.

To understand the state of the system and of the different applications, and how they are working, System Administrators have to keep reviewing log files on a daily basis in production environments.

You can imagine having to review log files from several system areas and applications; that is where logging systems come in handy. They help to monitor, review, analyze, and even generate reports from different log files, as configured by a System Administrator.

In this article, we look at four of the top open-source log management systems for Linux today. The standard logging protocol in most, if not all, distributions today is Syslog.

1. Graylog 2

Graylog is a centralized log management tool used to collect and review logs across various environments, including test and production. It is easy to set up and is highly recommended for small businesses.

Graylog helps you easily collect data from multiple devices, including network switches, routers, and wireless access points. It integrates with the Elasticsearch search engine and leverages MongoDB to store data. The logs it collects offer deep insights and help in troubleshooting system faults.

With Graylog, you get a neat and sleek WebUI with cool dashboards that help you track data seamlessly. You also get a set of nifty tools and functions that help with compliance auditing, threat search, and more. You can enable notifications so that an alert is triggered when a certain condition is met or an issue occurs.

Overall, Graylog does a pretty good job of collating large amounts of data and simplifies searching and analyzing it. The latest version is Graylog 4.0, and it offers new features such as dark mode, integration with Slack and ElasticSearch 7, and much more.

2. Logcheck

Logcheck is yet another open-source log monitoring tool, and it runs as a cron job. It sifts through thousands of log files to detect violations or system events that have been triggered. Logcheck then sends a detailed summary of the alerts to a configured email address to alert operations teams to an issue such as an unauthorized breach or a system fault.

Three different levels of logfile filtering have been developed in this logging system:

  • Paranoid: intended for high-security systems that run as few services as possible.
  • Server: this is the default filtering level for logcheck, and its rules are defined for many system daemons. The rules defined under the paranoid level are also included in this level.
  • Workstation: intended for sheltered systems, it helps to filter out most messages. It also includes the rules defined under the paranoid and server levels.

Logcheck can also sort the messages to be reported into three possible layers: security events, system events, and system attack alerts. A System Administrator can choose the level of detail at which system events are reported, depending on the filtering level, though this does not affect security events and system attack alerts.

Logcheck provides the following features:

  • Predefined report templates.
  • A mechanism for filtering logs using regular expressions.
  • Instant email notifications.
  • Instant security alerts.
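
An added example, not part of the original article and not logcheck's own code: a simplified shell model of the filtering described above, in which each level inherits the ignore rules of the stricter levels and only system events are affected by the chosen level. The rule patterns, variable and function names, and log lines are all constructed for illustration.

```shell
#!/bin/sh
# Simplified model of logcheck-style layered filtering (not logcheck's code).
# Constructed rule sets, written as extended regular expressions.
ATTACK_RULES='POSSIBLE BREAK-IN ATTEMPT'
SECURITY_RULES='Failed password|authentication failure'
IGNORE_PARANOID='systemd\[1\]: Started Session [0-9]+ of user'
IGNORE_SERVER='CRON\[[0-9]+\]: \(root\) CMD'
IGNORE_WORKSTATION='dhclient\[[0-9]+\]: DHCPACK'

# Constructed sample log lines (documentation addresses only).
SAMPLE_LOG='Jan 10 03:00:01 web1 CRON[811]: (root) CMD (run-parts /etc/cron.hourly)
Jan 10 03:00:07 web1 systemd[1]: Started Session 42 of user deploy.
Jan 10 03:01:12 web1 sshd[903]: Failed password for invalid user admin from 192.0.2.10 port 50122 ssh2
Jan 10 03:01:13 web1 sshd[903]: reverse mapping checking failed - POSSIBLE BREAK-IN ATTEMPT!
Jan 10 03:02:40 web1 dhclient[512]: DHCPACK of 192.0.2.55 from 192.0.2.1
Jan 10 03:05:09 web1 kernel: EXT4-fs error (device sda1): constructed sample message'

# ignore_rules LEVEL: print the ignore patterns in force, one per line.
# Less strict levels inherit every rule of the stricter ones.
ignore_rules() {
  case "$1" in
    paranoid)    printf '%s\n' "$IGNORE_PARANOID" ;;
    server)      printf '%s\n' "$IGNORE_PARANOID" "$IGNORE_SERVER" ;;
    workstation) printf '%s\n' "$IGNORE_PARANOID" "$IGNORE_SERVER" "$IGNORE_WORKSTATION" ;;
    *) echo "unknown level: $1" >&2; return 1 ;;
  esac
}

# classify LEVEL: read log lines on stdin and print "<layer>: <line>".
# Attack and security rules are checked first, so the level never hides them.
classify() {
  rules=$(ignore_rules "$1") || return 1
  while IFS= read -r line; do
    if printf '%s\n' "$line" | grep -Eq -e "$ATTACK_RULES"; then
      printf 'attack: %s\n' "$line"
    elif printf '%s\n' "$line" | grep -Eq -e "$SECURITY_RULES"; then
      printf 'security: %s\n' "$line"
    elif ! printf '%s\n' "$line" | grep -Eq -e "$rules"; then
      printf 'system: %s\n' "$line"
    fi
  done
}

# count LEVEL LAYER: number of sample lines reported in LAYER at LEVEL.
count() {
  printf '%s\n' "$SAMPLE_LOG" | classify "$1" | grep -c "^$2: " || true
}

for level in paranoid server workstation; do
  printf '%s: system=%s security=%s attack=%s\n' "$level" \
    "$(count "$level" system)" "$(count "$level" security)" "$(count "$level" attack)"
done
```

The system-event count falls as the level relaxes from paranoid to workstation, while the security and attack counts stay the same at every level.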

3. Logwatch

Logwatch is an open-source and highly customizable log collection and analysis application. It parses both system and application logs and generates a report on how applications are running. The report is delivered either on the command line or to a dedicated email address.

You can easily customize Logwatch to your preference by changing the parameters under the /etc/logwatch/conf path. It also provides something extra in the form of pre-written PERL scripts that make log parsing easier.

Logwatch uses a tiered configuration approach, and there are 3 main locations where configuration details are defined:

  • /usr/share/logwatch/default.conf/*
  • /etc/logwatch/conf/dist.conf/*
  • /etc/logwatch/conf/*

All default settings are defined in the /usr/share/logwatch/default.conf/logwatch.conf file. The recommended practice is to leave this file intact and instead create your own configuration file under the /etc/logwatch/conf/ path by copying the original configuration file and then defining your custom settings.

The latest version of Logwatch is version 7.5.5, and it provides support for querying the systemd journal directly using journalctl. If you cannot afford a proprietary log management tool, Logwatch will give you the peace of mind of knowing that all events will be logged and notifications delivered if something goes wrong.

4. Logstash

Logstash is a server-side data processing pipeline that accepts data from a multitude of sources, including local files and distributed systems such as S3. It then processes the logs and forwards them to platforms such as Elasticsearch, where they are analyzed and later archived. It is a powerful tool, as it can ingest volumes of logs from multiple applications and later output them to different databases or engines, all at the same time.

Logstash structures unstructured data, performs geolocation lookups, anonymizes personal data, and scales across multiple nodes as well. There is an extensive list of data sources that you can have Logstash listen to, including SNMP, heartbeats, Syslog, Kafka, Puppet, event logs, and so on.

Logstash relies on 'beats', which are lightweight data shippers that feed data to Logstash for parsing, structuring, and so on. The data is then sent to other destinations such as Google Cloud, MongoDB, and Elasticsearch for indexing. Logstash is a key component of the Elastic Stack, which allows users to collect data in any form, parse it, and visualize it on interactive dashboards.

What's more, Logstash enjoys community support and regular updates.

Summary

That's it for now. Remember that these are not all the log management systems that you can use on Linux. We will keep reviewing and updating the list in future articles. I hope you find this article useful, and you can let us know about other important logging tools or systems by leaving a comment.