What do i look for in logs

Nowhereman@lemmy.stonansh.org to Linux@lemmy.ml – 100 points –

Hi everyone

My proxmox server is crashing daily. And I've been checking the logs. But the thing is. What do I look for? Syslog, kern and daemonlogs. I would like to fix this problem. Need advice ! Thanks

15

When I look a the logs, I'm mostly looking for as least knots as possible, but also to make sure they are cedar, pine, or oak depending on the project.

Oh shit, this isn't the carpentry community. NVM then

When I am reading the logs, I usually check who was the last seaman in charge when the ship crashed through the pier.

The picture made me lol :D

If you know the times of the crash, check whatever is logged right before and after

On Linux systems running systems I usually use the journalctl tool to look at messages. Ex.

journalctl --list-boots journalctl --since="2012-10-30 18:17:16"

Looking for anything obvious.

I'm -to be honest- quite the noob. What is obvious?

Anything looking like this: http://i.stack.imgur.com/RMcUY.jpg

Anything saying "error" or "fatal" in the kernel log.

It's quite likely that you will not find anything because the machine reboots before it can write to disk. In that case, I'd start with memtest86.

Protip: view the logs in vim, it highlights errors in red.

grep -Ri 'error/|warning' /var/log/

Then you can further pipe 'grep' or 'grep -v' based on what you see or for a specific time.

You know what the various logs are, that's good to help out. So you have any crash dumps enabled? I think on Debian (what promox is based on), you have to install kdump tools and reboot. Then it should cause a the kernel to log a dump file you can read with crash if it's a kernel crash and not something else.

Ok will do this. It chrashed again. And I need this thing up and running and keep running.

A good place to start because it's a likely culprit is anything mentioning "OOM" (which refers to Out Of Memory)