1、关闭snmp的syslog
messages会有很多snmpd的信息,影响阅读正常信息
#tail /var/log/messages
- Jan 19 10:01:07 touran snmpd[4033]: Connection from UDP: [127.0.0.1]:5392
- Jan 19 10:01:07 touran last message repeated 10 times
- Jan 19 10:04:09 touran snmpd[4033]: Connection from UDP: [127.0.0.1]:5396
- Jan 19 10:04:09 touran snmpd[4033]: Received SNMP packet(s) from UDP: [127.0.0.1]:5396
- Jan 19 10:04:09 touran snmpd[4033]: Connection from UDP: [127.0.0.1]:5396
- Jan 19 10:06:07 touran last message repeated 11 times
- Jan 19 10:06:07 touran last message repeated 11 times
我们可以重新定义snmpd的日志输出级别来降低垃圾信息
我这里是centos的系统
OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a" 其中的Lsd表示记录系统日志, 去除便不记录到系统日志,把-Lf后的/dev/null改成具体文件路径便记录到该文件
#vi /etc/init.d/snmpd
默认:
OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a"
修改为:
OPTIONS="-Lf /dev/null -p /var/run/snmpd.pid -a"
重启snmpd
#/etc/init.d/snmpd restart
2、关闭nrpe的syslog
messages会有很多nrpe的信息,影响阅读正常信息
#tail /var/log/messages
Mar 28 13:52:14 cg-nb-11 xinetd[2714]: EXIT: nrpe status=0 pid=20595 duration=0(sec)
Mar 28 13:53:09 cg-nb-11 xinetd[2714]: START: nrpe pid=20600 from=192.168.1.9
Mar 28 13:53:09 cg-nb-11 xinetd[2714]: EXIT: nrpe status=0 pid=20600 duration=0(sec)
Mar 28 13:53:59 cg-nb-11 xinetd[2714]: START: nrpe pid=20603 from=192.168.1.9
Mar 28 13:54:00 cg-nb-11 xinetd[2714]: EXIT: nrpe status=0 pid=20603 duration=1(sec)
Mar 28 13:54:01 cg-nb-11 xinetd[2714]: START: nrpe pid=20606 from=192.168.1.9
Mar 28 13:54:02 cg-nb-11 xinetd[2714]: EXIT: nrpe status=0 pid=20606 duration=1(sec)
Mar 28 13:54:17 cg-nb-11 xinetd[2714]: START: nrpe pid=20609 from=192.168.1.9
Mar 28 13:54:18 cg-nb-11 xinetd[2714]: EXIT: nrpe status=0 pid=20609 duration=1(sec)
vi /etc/xinetd.d/nrpe 加上下面一句
log_type = file /dev/null
加上后重启nrpe 等5分钟看看messages里还有没有nrpe的记录,没有的话说明就成功了。
如果/etc/xinetd.d下没有nrpe,可以拷贝其中一个修改如下:
# default: off
# description: nrpe
service nrpe
{
disable = no
socket_type = stream
wait = no
user = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
cps = 100 2
flags = IPv4
log_type = file /dev/null(此处将去掉nrpe的syslog日志)
only_from = 127.0.0.1
}
重启nrpe
#/etc/init.d/xinetd restart