Solved

how to check virtual server logs over ssh

Posted on 2013-11-14
13
505 Views
Last Modified: 2013-11-19
Hi. i have a virtual server that jumps up to 100% CPU for a day or 2 then goes back down to 5% at for the rest of the time.

i have been told that i can look at the message logs using ssh and i it will have some info on what is using the CPU.

I know how to log in to the virtual server with root access and cd into folders but where are the message logs stored and how do i download them when i find them?

i don't regard myself as a pro when it comes to ssh / command line please help! thanks.

server is running plesk version 9.5 (much out of date version)
centOS
0
Comment
Question by:helpchrisplz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +2
13 Comments
 
LVL 2

Expert Comment

by:goubun
ID: 39649976
The file that have system logs is /var/log/messages you can see this with:

vi /var/log/messages or using WinSCP with the ssh credentials to download the file to your computer
0
 
LVL 14

Expert Comment

by:jb1dev
ID: 39649977
On RedHat based distros (like centos) you can typically find logs in /var/log

Without more information on what exact logs you are looking for, I can't be more specific.
0
 
LVL 1

Assisted Solution

by:wimiles
wimiles earned 166 total points
ID: 39650416
Hello,

If you have been running Plesk for a while, and have your stats turned on (Webalyzer or AWstats) then that is probably your culprit.  When your server is running at 100% CPU usage, try to SSH into it, and run the following command:

 top -c

This will list the processes that are using the most CPU on your server.  (q will quit out)

Once you have this information, I would suggest proceeding from there.  Once you know the process that is using your server so much, it will be easier to resolve the problem.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 62

Expert Comment

by:gheist
ID: 39650576
You need to install and enable psacct, then try to use lastcomm to detect what happens)
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650664
@goubun:
i just get a load or dashes in putty when i do:

 vi /ver/log/messages

~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"/ver/log/messages" [New DIRECTORY]

and i think i was writing to the file? didnt know how to exit out of this so closed putty and logged in again.

@wimiles
if i use:
 top -c i can see the cpu usage for mysql apache and all the rest are called root. just not sure what i can do to fix the problem if i find that its apache thats using all the CPU. it doesn't tell me why. server isnt at 100% right now so waiting for this moment to happen.

so looking back at the logs method of doing things:

if i cd in to /var/log this is what i see.
 
[root@server***-***-**-*** ~]# cd /var/log
[root@server***-***-**-*** log]# pwd
/var/log
[root@server***-***-**-*** log]# ls
anaconda.log     cron       maillog.3     rkhunter.log.old  spooler.1
anaconda.syslog  cron.1     maillog.4     rpmpkgs           spooler.2
atmail           cron.2     mailman       rpmpkgs.1         spooler.3
audit            cron.3     messages      rpmpkgs.2         spooler.4
boot.log         cron.4     messages.1    rpmpkgs.3         sso
boot.log.1       dmesg      messages.2    rpmpkgs.4         sw-cp-server
boot.log.2       faillog    messages.3    sa                tallylog
boot.log.3       httpd      messages.4    samba             tomcat5
boot.log.4       kav        mysqld.log    secure            wtmp
brcm-iscsi.log   lastlog    pm            secure.1          wtmp.1
btmp             mail       ppp           secure.2          yum.log
btmp.1           maillog    prelink       secure.3          yum.log.1
conman           maillog.1  psa-horde     secure.4          yum.log.2
conman.old       maillog.2  rkhunter.log  spooler
[root@server***-***-**-*** log]#


@gheist
am not sure what  psacct is or how to even start using lastcomm.
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650672
what log is best to download and how can i download it using putty?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39650936
You have pscp in same directory
pscp user@server:/var/log/* c:\logs\
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650943
sorry for being a noob. I have used the following command in putty but dont see any thing in my computers c:\logs\ folder


[root@server***-***-**-*** log]# pscp user@server:/var/log/* c:\logs\
>
[root@server***-***-**-*** log]#

what am i doing wrong? thanks.

done this  also

[root@server***-***-**-*** log]# pscp root@server***-***-**-***:/var/log/* c:\logs\
>

but no joy
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 167 total points
ID: 39651143
Add -r parameter and remove * wildcard
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39651170
so that would be:

pscp -r root@server***-***-**-***:/var/log/ c:\logs\

this correct?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39651854
idont know i dont use windows 95
0
 
LVL 2

Accepted Solution

by:
goubun earned 167 total points
ID: 39652397
You run vi /ver/log/messages and it is : vi /var/log/messages
0
 
LVL 1

Author Closing Comment

by:helpchrisplz
ID: 39660561
ty
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question