Solved

how to check virtual server logs over ssh

Posted on 2013-11-14
13
504 Views
Last Modified: 2013-11-19
Hi. i have a virtual server that jumps up to 100% CPU for a day or 2 then goes back down to 5% at for the rest of the time.

i have been told that i can look at the message logs using ssh and i it will have some info on what is using the CPU.

I know how to log in to the virtual server with root access and cd into folders but where are the message logs stored and how do i download them when i find them?

i don't regard myself as a pro when it comes to ssh / command line please help! thanks.

server is running plesk version 9.5 (much out of date version)
centOS
0
Comment
Question by:helpchrisplz
  • 5
  • 4
  • 2
  • +2
13 Comments
 
LVL 2

Expert Comment

by:goubun
ID: 39649976
The file that have system logs is /var/log/messages you can see this with:

vi /var/log/messages or using WinSCP with the ssh credentials to download the file to your computer
0
 
LVL 14

Expert Comment

by:jb1dev
ID: 39649977
On RedHat based distros (like centos) you can typically find logs in /var/log

Without more information on what exact logs you are looking for, I can't be more specific.
0
 
LVL 1

Assisted Solution

by:wimiles
wimiles earned 166 total points
ID: 39650416
Hello,

If you have been running Plesk for a while, and have your stats turned on (Webalyzer or AWstats) then that is probably your culprit.  When your server is running at 100% CPU usage, try to SSH into it, and run the following command:

 top -c

This will list the processes that are using the most CPU on your server.  (q will quit out)

Once you have this information, I would suggest proceeding from there.  Once you know the process that is using your server so much, it will be easier to resolve the problem.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 62

Expert Comment

by:gheist
ID: 39650576
You need to install and enable psacct, then try to use lastcomm to detect what happens)
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650664
@goubun:
i just get a load or dashes in putty when i do:

 vi /ver/log/messages

~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"/ver/log/messages" [New DIRECTORY]

and i think i was writing to the file? didnt know how to exit out of this so closed putty and logged in again.

@wimiles
if i use:
 top -c i can see the cpu usage for mysql apache and all the rest are called root. just not sure what i can do to fix the problem if i find that its apache thats using all the CPU. it doesn't tell me why. server isnt at 100% right now so waiting for this moment to happen.

so looking back at the logs method of doing things:

if i cd in to /var/log this is what i see.
 
[root@server***-***-**-*** ~]# cd /var/log
[root@server***-***-**-*** log]# pwd
/var/log
[root@server***-***-**-*** log]# ls
anaconda.log     cron       maillog.3     rkhunter.log.old  spooler.1
anaconda.syslog  cron.1     maillog.4     rpmpkgs           spooler.2
atmail           cron.2     mailman       rpmpkgs.1         spooler.3
audit            cron.3     messages      rpmpkgs.2         spooler.4
boot.log         cron.4     messages.1    rpmpkgs.3         sso
boot.log.1       dmesg      messages.2    rpmpkgs.4         sw-cp-server
boot.log.2       faillog    messages.3    sa                tallylog
boot.log.3       httpd      messages.4    samba             tomcat5
boot.log.4       kav        mysqld.log    secure            wtmp
brcm-iscsi.log   lastlog    pm            secure.1          wtmp.1
btmp             mail       ppp           secure.2          yum.log
btmp.1           maillog    prelink       secure.3          yum.log.1
conman           maillog.1  psa-horde     secure.4          yum.log.2
conman.old       maillog.2  rkhunter.log  spooler
[root@server***-***-**-*** log]#


@gheist
am not sure what  psacct is or how to even start using lastcomm.
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650672
what log is best to download and how can i download it using putty?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39650936
You have pscp in same directory
pscp user@server:/var/log/* c:\logs\
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650943
sorry for being a noob. I have used the following command in putty but dont see any thing in my computers c:\logs\ folder


[root@server***-***-**-*** log]# pscp user@server:/var/log/* c:\logs\
>
[root@server***-***-**-*** log]#

what am i doing wrong? thanks.

done this  also

[root@server***-***-**-*** log]# pscp root@server***-***-**-***:/var/log/* c:\logs\
>

but no joy
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 167 total points
ID: 39651143
Add -r parameter and remove * wildcard
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39651170
so that would be:

pscp -r root@server***-***-**-***:/var/log/ c:\logs\

this correct?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39651854
idont know i dont use windows 95
0
 
LVL 2

Accepted Solution

by:
goubun earned 167 total points
ID: 39652397
You run vi /ver/log/messages and it is : vi /var/log/messages
0
 
LVL 1

Author Closing Comment

by:helpchrisplz
ID: 39660561
ty
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question