sharingsunshine
asked on
Need PID Details Historically
My system crashed and I need to find out what caused the crash. I have atop installed and I can see what process caused the problem by using the log files with atop. However, I want to know what programs and files were involved in the process.
Is there a way to do this with atop and/or sar?
I am on a Linux 2 AWS instance.
Is there a way to do this with atop and/or sar?
I am on a Linux 2 AWS instance.
ASKER
I am very acquainted with /var/log* and I have searched using grep through the files. As you know audit.log provides some of those answers but they are very difficult to follow. That is why I specified in the question the answer needs to use sar or atop.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Likely log files to review are syslog + kern.log or whatever equivalent files you have on your system.
You can also use the following to narrow down problems...
Open in new window
You can also go deeper by doing something like https://serverfault.com/qu
Likely simple review of /var/log/* will be sufficient.