Solved

how to check virtual server logs over ssh

Posted on 2013-11-14
13
506 Views
Last Modified: 2013-11-19
Hi. i have a virtual server that jumps up to 100% CPU for a day or 2 then goes back down to 5% at for the rest of the time.

i have been told that i can look at the message logs using ssh and i it will have some info on what is using the CPU.

I know how to log in to the virtual server with root access and cd into folders but where are the message logs stored and how do i download them when i find them?

i don't regard myself as a pro when it comes to ssh / command line please help! thanks.

server is running plesk version 9.5 (much out of date version)
centOS
0
Comment
Question by:helpchrisplz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +2
13 Comments
 
LVL 2

Expert Comment

by:goubun
ID: 39649976
The file that have system logs is /var/log/messages you can see this with:

vi /var/log/messages or using WinSCP with the ssh credentials to download the file to your computer
0
 
LVL 14

Expert Comment

by:jb1dev
ID: 39649977
On RedHat based distros (like centos) you can typically find logs in /var/log

Without more information on what exact logs you are looking for, I can't be more specific.
0
 
LVL 1

Assisted Solution

by:wimiles
wimiles earned 166 total points
ID: 39650416
Hello,

If you have been running Plesk for a while, and have your stats turned on (Webalyzer or AWstats) then that is probably your culprit.  When your server is running at 100% CPU usage, try to SSH into it, and run the following command:

 top -c

This will list the processes that are using the most CPU on your server.  (q will quit out)

Once you have this information, I would suggest proceeding from there.  Once you know the process that is using your server so much, it will be easier to resolve the problem.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 62

Expert Comment

by:gheist
ID: 39650576
You need to install and enable psacct, then try to use lastcomm to detect what happens)
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650664
@goubun:
i just get a load or dashes in putty when i do:

 vi /ver/log/messages

~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
"/ver/log/messages" [New DIRECTORY]

and i think i was writing to the file? didnt know how to exit out of this so closed putty and logged in again.

@wimiles
if i use:
 top -c i can see the cpu usage for mysql apache and all the rest are called root. just not sure what i can do to fix the problem if i find that its apache thats using all the CPU. it doesn't tell me why. server isnt at 100% right now so waiting for this moment to happen.

so looking back at the logs method of doing things:

if i cd in to /var/log this is what i see.
 
[root@server***-***-**-*** ~]# cd /var/log
[root@server***-***-**-*** log]# pwd
/var/log
[root@server***-***-**-*** log]# ls
anaconda.log     cron       maillog.3     rkhunter.log.old  spooler.1
anaconda.syslog  cron.1     maillog.4     rpmpkgs           spooler.2
atmail           cron.2     mailman       rpmpkgs.1         spooler.3
audit            cron.3     messages      rpmpkgs.2         spooler.4
boot.log         cron.4     messages.1    rpmpkgs.3         sso
boot.log.1       dmesg      messages.2    rpmpkgs.4         sw-cp-server
boot.log.2       faillog    messages.3    sa                tallylog
boot.log.3       httpd      messages.4    samba             tomcat5
boot.log.4       kav        mysqld.log    secure            wtmp
brcm-iscsi.log   lastlog    pm            secure.1          wtmp.1
btmp             mail       ppp           secure.2          yum.log
btmp.1           maillog    prelink       secure.3          yum.log.1
conman           maillog.1  psa-horde     secure.4          yum.log.2
conman.old       maillog.2  rkhunter.log  spooler
[root@server***-***-**-*** log]#


@gheist
am not sure what  psacct is or how to even start using lastcomm.
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650672
what log is best to download and how can i download it using putty?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39650936
You have pscp in same directory
pscp user@server:/var/log/* c:\logs\
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39650943
sorry for being a noob. I have used the following command in putty but dont see any thing in my computers c:\logs\ folder


[root@server***-***-**-*** log]# pscp user@server:/var/log/* c:\logs\
>
[root@server***-***-**-*** log]#

what am i doing wrong? thanks.

done this  also

[root@server***-***-**-*** log]# pscp root@server***-***-**-***:/var/log/* c:\logs\
>

but no joy
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 167 total points
ID: 39651143
Add -r parameter and remove * wildcard
0
 
LVL 1

Author Comment

by:helpchrisplz
ID: 39651170
so that would be:

pscp -r root@server***-***-**-***:/var/log/ c:\logs\

this correct?
0
 
LVL 62

Expert Comment

by:gheist
ID: 39651854
idont know i dont use windows 95
0
 
LVL 2

Accepted Solution

by:
goubun earned 167 total points
ID: 39652397
You run vi /ver/log/messages and it is : vi /var/log/messages
0
 
LVL 1

Author Closing Comment

by:helpchrisplz
ID: 39660561
ty
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question