常用命令收集
Opened this issue · 4 comments
nailcui commented
常用命令收集
nailcui commented
find
# 当前目录下搜索、匹配java后缀的文件内容
find . -name "*.java" | xargs grep "msgResend"
nailcui commented
系统状态相关
综合
[log@hostname ~]$ vmstat 1
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
r b swpd free buff cache si so bi bo in cs us sy id wa st
2 0 0 172936 88296 6459424 0 0 1 39 0 0 9 3 88 0 0
2 0 0 171812 88312 6460192 0 0 0 180 51240 56120 22 8 69 0 0
网络
# 统计各种连接数量
netstat -antp | awk '{print $6}' | sort | uniq -c
iptables
# 转发规则
iptables -t nat -A PREROUTING --dst 172.28.57.30 -p tcp --dport 10001 -j DNAT --to-destination 172.28.57.30:10002
tcpdump
# -i 网卡
# -q 简介输出
# -nn 不转换主机名
# -c 输出数量
[root@tc-dev-mid34 ~]# tcpdump tcp -i eth0 -c 10 -q -nn -t dst port 8087 and dst net 10.6.0.28
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 0
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 480
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 0
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 672
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 0
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 448
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 416
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 416
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 0
IP 183.134.103.169.43558 > 10.6.0.28.8087: tcp 448
nailcui commented
Linux 问题排查
# 时间格式,最后20条,滚动展示
# 比如某个进程被杀掉了,可以查看原因
watch "dmesg -T | tail -20"
journalctl
# 查看全部日志
journalctl -u docker
# 查看最近的日志
journalctl -fu kubelet
# 只保留近一周的日志
journalctl --vacuum-time=1w
# 只保留500MB的日志
journalctl --vacuum-size=500M
# 查看某个时间点开始的日志
journalctl --since="2012-10-3018:17:16"
journalctl --since "20 minago"
journalctl --since yesterday
journalctl --since"2015-01-10" --until "2015-01-11 03:00"
journalctl --since 09:00 --until"1 hour ago"
journalctl --since"15:15" --until now
# 显示尾部的最新10行日志
journalctl -n
# 显示尾部指定行数的日志
# 查看的是/var/log/messages的日志,但是格式上有所调整,如主机名格式不一样而已
journalctl -n 20
# 实时滚动显示最新日志
journalctl -f
nailcui commented
证书相关
# 将这个接口的证书 down 下来
openssl s_client -showcerts -connect baidu.com:636 </dev/null 2>/dev/null|openssl x509 -outform PEM > mycertfile.pem