本文档风哥主要介绍RHEL LINUX 10安装日志查看与分析命令,包括Anaconda安装日志、系统日志、日志分析技巧等内容,参考Red Hat Enterprise Linux 10官方文档Installation
Guide内容,适合Linux运维人员在学习和测试中使用,如果要应用于生产环境则需要自行确认。更多视频教程www.fgedu.net.cn
参考Red Hat Enterprise Linux 10官方文档中的System administration章节
Part01-基础概念与理论知识
1.1 安装日志的概念与作用
安装日志是记录系统安装过程中所有操作和事件的文件,包括安装程序的执行步骤、系统配置、软件包安装、错误信息等。通过分析安装日志,可以了解安装过程的详细情况,排查安装失败的原因,验证安装配置是否正确。
- 记录安装过程中的所有操作步骤
- 诊断安装失败的原因
- 验证系统配置是否正确
- 审计安装过程中的安全事件
- 为后续系统维护提供参考信息
1.2 安装日志文件位置与类型
RHEL LINUX 10安装过程中产生的日志文件主要存放在以下位置:
/tmp/anaconda.log # Anaconda安装程序主日志
/tmp/syslog # 系统日志
/tmp/X.log # X Window系统日志
/tmp/program.log # 安装程序执行日志
/tmp/storage.log # 存储配置日志
/tmp/network.log # 网络配置日志
/tmp/packaging.log # 软件包安装日志
/tmp/dnf.log # DNF包管理器日志
# 安装完成后的日志位置(在已安装系统中)
/var/log/anaconda/ # Anaconda安装日志目录
/var/log/anaconda/anaconda.log
/var/log/anaconda/syslog
/var/log/anaconda/X.log
/var/log/anaconda/program.log
/var/log/anaconda/storage.log
/var/log/anaconda/network.log
/var/log/anaconda/packaging.log
/var/log/anaconda/dnf.log
/var/log/anaconda/journal.log
1.3 安装日志分析的重要性
安装日志分析对于系统运维人员来说非常重要:
- 故障诊断:快速定位安装失败的根本原因
- 配置验证:确认安装配置是否按预期执行
- 性能优化:分析安装过程中的性能瓶颈
- 安全审计:检查安装过程中的安全事件
- 知识积累:记录安装经验,便于后续参考
Part02-生产环境规划与建议
2.1 安装日志查看规划
在生产环境中,安装日志查看需要遵循以下规划原则:
1. 安装前准备
– 确认日志存储位置
– 准备日志收集工具
– 规划日志保存策略
2. 安装过程中
– 实时监控关键日志
– 记录异常信息
– 保存临时日志
3. 安装后处理
– 收集所有安装日志
– 归档到指定位置
– 进行日志分析
2.2 日志查看工具选择
RHEL LINUX 10提供了多种日志查看工具: 更多学习教程公众号风哥教程itpux_com
# rpm -qa | grep -E “less|cat|tail|head|grep|awk|sed”
less-590-5.el10.x86_64
coreutils-9.0-12.el10.x86_64
grep-3.7-3.el10.x86_64
gawk-5.1.0-6.el10.x86_64
sed-4.8-9.el10.x86_64
# 查看journalctl工具
# rpm -q systemd
systemd-250-12.el10.x86_64
# 查看日志分析工具
# dnf search logwatch | grep -i log
logwatch.noarch : Logwatch is a customizable log analysis system
2.3 日志分析策略
制定有效的日志分析策略:
1. 分层分析
– 先查看主日志(anaconda.log)
– 再查看具体模块日志
– 最后查看详细日志
2. 关键词搜索
– ERROR:错误信息
– WARNING:警告信息
– FAILED:失败信息
– CRITICAL:严重错误
3. 时间线分析
– 按时间顺序查看日志
– 关联不同日志的时间点
– 分析事件因果关系
4. 对比分析
– 对比成功和失败的安装日志
– 对比不同版本的安装日志
– 对比不同环境的安装日志
Part03-生产环境项目实施方案
3.1 Anaconda安装日志查看
使用cat命令查看Anaconda主日志:
# cat /var/log/anaconda/anaconda.log
2026-04-02 10:15:23,456 INFO anaconda: Starting installer
2026-04-02 10:15:23,789 INFO anaconda: User interface initialized
2026-04-02 10:15:24,123 INFO anaconda: Detected hardware: x86_64
2026-04-02 10:15:24,456 INFO anaconda: Memory: 8192 MB
2026-04-02 10:15:24,789 INFO anaconda: CPUs: 4
2026-04-02 10:15:25,123 INFO anaconda: Disks: sda (100GB), sdb (200GB)
2026-04-02 10:15:26,456 INFO anaconda: Network: enp0s3 (connected)
2026-04-02 10:16:30,789 INFO anaconda: Starting package installation
2026-04-02 10:45:30,123 INFO anaconda: Package installation completed
2026-04-02 10:46:00,456 INFO anaconda: Bootloader installation completed
2026-04-02 10:47:00,789 INFO anaconda: Installation completed successfully
# 使用less分页查看日志
# less /var/log/anaconda/anaconda.log
# 使用方向键上下滚动,按q退出
# 查看日志文件大小
# ls -lh /var/log/anaconda/
total 2.5M
-rw——- 1 root root 1.2M Apr 2 10:47 anaconda.log
-rw——- 1 root root 512K Apr 2 10:47 syslog
-rw——- 1 root root 256K Apr 2 10:47 packaging.log
-rw——- 1 root root 128K Apr 2 10:47 storage.log
-rw——- 1 root root 64K Apr 2 10:47 network.log
-rw——- 1 root root 32K Apr 2 10:47 program.log
-rw——- 1 root root 16K Apr 2 10:47 X.log
使用tail命令实时查看日志:
# tail -20 /var/log/anaconda/anaconda.log
2026-04-02 10:46:45,123 INFO anaconda: Creating user: admin
2026-04-02 10:46:46,456 INFO anaconda: Setting root password
2026-04-02 10:46:47,789 INFO anaconda: Configuring firewall
2026-04-02 10:46:48,123 INFO anaconda: Enabling services: sshd, firewalld
2026-04-02 10:46:49,456 INFO anaconda: Writing configuration files
2026-04-02 10:46:50,789 INFO anaconda: Installation completed successfully
# 实时监控日志(在安装过程中)
# tail -f /tmp/anaconda.log
2026-04-02 10:47:00,123 INFO anaconda: Post-installation setup
2026-04-02 10:47:01,456 INFO anaconda: Running post-install scripts
2026-04-02 10:47:02,789 INFO anaconda: System ready for reboot
# 按Ctrl+C退出监控
# 查看日志前20行
# head -20 /var/log/anaconda/anaconda.log
2026-04-02 10:15:23,456 INFO anaconda: Starting installer
2026-04-02 10:15:23,789 INFO anaconda: User interface initialized
2026-04-02 10:15:24,123 INFO anaconda: Detected hardware: x86_64
2026-04-02 10:15:24,456 INFO anaconda: Memory: 8192 MB
2026-04-02 10:15:24,789 INFO anaconda: CPUs: 4
2026-04-02 10:15:25,123 INFO anaconda: Disks: sda (100GB), sdb (200GB)
3.2 系统日志查看命令
查看系统日志和内核日志:
# cat /var/log/anaconda/syslog
2026-04-02 10:15:23,456 INFO kernel: Linux version 5.14.0-123.el10.x86_64
2026-04-02 10:15:23,789 INFO kernel: Command line: BOOT_IMAGE=/vmlinuz-5.14.0-123.el10
2026-04-02 10:15:24,123 INFO kernel: BIOS-provided physical RAM map
2026-04-02 10:15:24,456 INFO kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable
2026-04-02 10:15:24,789 INFO kernel: BIOS-e820: [mem 0x0000000000100000-0x00000000dfffffff] usable
2026-04-02 10:15:25,123 INFO kernel: NX (Execute Disable) protection: active
# 查看内核消息
# dmesg | head -20
[ 0.000000] Linux version 5.14.0-123.el10.x86_64 (mockbuild@x86-01.fgedu.net.cn) (gcc (GCC) 11.2.1 20220127
(Red Hat 11.2.1-9), GNU ld version 2.35.2-17.el10) #1 SMP PREEMPT_DYNAMIC Mon Mar 15 10:23:45 UTC 2026
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-5.14.0-123.el10 root=/dev/mapper/rhel-root ro crashkernel=auto
resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet
[ 0.000000] x86/fpu: x87 FPU will use FXSAVE
[ 0.000000] signal: max sigframe size: 1440
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000dfffffff] usable
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000041fffffff] usable
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 3.0 present.
[ 0.000000] DMI: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 0.000000] Hypervisor detected: KVM
[ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
[ 0.000000] kvm-clock: cpu 0, msr 3fd01001, primary cpu clock
# 使用journalctl查看安装日志
# journalctl –directory=/var/log/anaconda/ | head -30
— Logs begin at Fri 2026-04-02 10:15:23 CST, end at Fri 2026-04-02 10:47:00 CST. —
Apr 02 10:15:23 localhost kernel: Linux version 5.14.0-123.el10.x86_64
Apr 02 10:15:23 localhost kernel: Command line: BOOT_IMAGE=/vmlinuz-5.14.0-123.el10
Apr 02 10:15:23 localhost kernel: BIOS-provided physical RAM map
Apr 02 10:15:23 localhost kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable
Apr 02 10:15:23 localhost kernel: BIOS-e820: [mem 0x0000000000100000-0x00000000dfffffff] usable
3.3 日志分析实战
使用grep命令搜索关键信息:
# grep -i “error” /var/log/anaconda/anaconda.log
2026-04-02 10:20:15,456 ERROR anaconda: Failed to mount /dev/sdb1
2026-04-02 10:25:30,789 ERROR anaconda: Package installation failed: kernel-core
# 搜索警告信息
# grep -i “warning” /var/log/anaconda/anaconda.log
2026-04-02 10:18:20,123 WARNING anaconda: Low disk space on /dev/sda1
2026-04-02 10:22:45,456 WARNING anaconda: Network connection unstable
# 搜索失败信息
# grep -i “failed” /var/log/anaconda/anaconda.log
2026-04-02 10:20:15,456 ERROR anaconda: Failed to mount /dev/sdb1
2026-04-02 10:25:30,789 ERROR anaconda: Package installation failed: kernel-core
# 搜索特定时间段的日志
# grep “10:20:” /var/log/anaconda/anaconda.log
2026-04-02 10:20:15,456 ERROR anaconda: Failed to mount /dev/sdb1
2026-04-02 10:20:16,789 INFO anaconda: Retrying mount operation
2026-04-02 10:20:17,123 INFO anaconda: Mount successful
# 统计错误数量
# grep -c “ERROR” /var/log/anaconda/anaconda.log
2
# 显示错误行号
# grep -n “ERROR” /var/log/anaconda/anaconda.log
123:2026-04-02 10:20:15,456 ERROR anaconda: Failed to mount /dev/sdb1
456:2026-04-02 10:25:30,789 ERROR anaconda: Package installation failed: kernel-core
使用awk和sed进行高级日志分析: 学习交流加群风哥QQ113257174
# awk ‘/ERROR/ {print $0}’ /var/log/anaconda/anaconda.log
2026-04-02 10:20:15,456 ERROR anaconda: Failed to mount /dev/sdb1
2026-04-02 10:25:30,789 ERROR anaconda: Package installation failed: kernel-core
# 提取时间戳和错误消息
# awk ‘/ERROR/ {print $1, $2, $NF}’ /var/log/anaconda/anaconda.log
2026-04-02 10:20:15,456 /dev/sdb1
2026-04-02 10:25:30,789 kernel-core
# 统计各类型日志数量
# awk ‘{print $4}’ /var/log/anaconda/anaconda.log | sort | uniq -c
1234 INFO
567 DEBUG
45 WARNING
12 ERROR
3 CRITICAL
# 使用sed替换敏感信息
# sed ‘s/password=.*/password=****/g’ /var/log/anaconda/anaconda.log | head -5
2026-04-02 10:15:23,456 INFO anaconda: Starting installer
2026-04-02 10:15:23,789 INFO anaconda: User interface initialized
2026-04-02 10:46:46,456 INFO anaconda: Setting root password=****
Part04-生产案例与实战讲解
4.1 安装失败日志分析案例
案例:系统安装过程中出现磁盘分区失败,需要分析日志定位问题。
# cat /var/log/anaconda/storage.log | grep -A 5 -B 5 “error”
2026-04-02 10:19:45,123 INFO storage: Scanning disk /dev/sda
2026-04-02 10:19:46,456 INFO storage: Found partition table: gpt
2026-04-02 10:19:47,789 INFO storage: Scanning disk /dev/sdb
2026-04-02 10:19:48,123 ERROR storage: Cannot read partition table on /dev/sdb
2026-04-02 10:19:49,456 INFO storage: Attempting to create new partition table
2026-04-02 10:19:50,789 ERROR storage: Failed to create partition table: I/O error
2026-04-02 10:19:51,123 INFO storage: Disk /dev/sdb may be damaged
# 查看详细错误信息
# journalctl –directory=/var/log/anaconda/ | grep -i “sdb”
Apr 02 10:19:48 localhost kernel: sd 1:0:1:0: [sdb] Attached SCSI disk
Apr 02 10:19:48 localhost kernel: sd 1:0:1:0: [sdb] Test WP failed, assume Write Enabled
Apr 02 10:19:50 localhost kernel: sd 1:0:1:0: [sdb] I/O error
Apr 02 10:19:50 localhost kernel: Buffer I/O error on dev sdb, logical block 0
# 解决方案
# 检查磁盘状态
# fdisk -l /dev/sdb
Disk /dev/sdb: 200 GiB, 214748364800 bytes, 419430400 sectors
Disk model: VBOX HARDDISK
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00000000
# 重新创建分区表
# parted /dev/sdb mklabel gpt
Information: You may need to update /etc/fstab.
4.2 硬件兼容性问题排查
案例:安装过程中硬件检测失败,需要分析硬件兼容性。
# grep -i “hardware\|device\|driver” /var/log/anaconda/syslog | head -20
2026-04-02 10:15:30,123 INFO kernel: PCI: Using configuration type 1 for base access
2026-04-02 10:15:30,456 INFO kernel: HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
2026-04-02 10:15:30,789 INFO kernel: ACPI: Added _OSI(Module Device)
2026-04-02 10:15:31,123 INFO kernel: ACPI: 1 ACPI AML tables successfully acquired and loaded
2026-04-02 10:15:31,456 INFO kernel: ACPI: Interpreter enabled
2026-04-02 10:15:31,789 INFO kernel: PCI: Using configuration type 1 for base access
2026-04-02 10:15:32,123 INFO kernel: hardware: Detected 4 CPU cores
# 查看设备驱动加载情况
# dmesg | grep -i “driver” | head -20
[ 2.456789] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 11
[ 2.789123] ACPI: PCI Interrupt Link [LNKB] enabled at IRQ 10
[ 3.123456] ehci-pci 0000:00:0d.0: new USB bus registered, assigned bus number 1
[ 3.456789] ehci-pci 0000:00:0d.0: driver 2020-08-05, 2020-08-05
[ 3.789123] ohci-pci 0000:00:0d.1: new USB bus registered, assigned bus number 2
[ 4.123456] ohci-pci 0000:00:0d.1: driver 2020-08-05, 2020-08-05
# 查看未识别的硬件
# lspci -nn | grep -i “unknown”
01:00.0 Network controller [0280]: Device [8086:1234] (rev 01)
# 查看硬件兼容性列表
# cat /var/log/anaconda/anaconda.log | grep -i “unsupported”
2026-04-02 10:16:15,456 WARNING anaconda: Unsupported hardware detected: Device [8086:1234]
4.3 网络安装故障诊断
案例:网络安装过程中无法获取安装文件,需要诊断网络问题。
# cat /var/log/anaconda/network.log
2026-04-02 10:17:00,123 INFO network: Configuring interface enp0s3
2026-04-02 10:17:01,456 INFO network: Attempting DHCP on enp0s3
2026-04-02 10:17:02,789 INFO network: DHCP successful: 192.168.1.100/24
2026-04-02 10:17:03,123 INFO network: Gateway: 192.168.1.1
2026-04-02 10:17:04,456 INFO network: DNS: 192.168.1.1
2026-04-02 10:17:05,789 INFO network: Fetching installation image from http://192.168.1.10/rhel10/
2026-04-02 10:17:06,123 ERROR network: Failed to fetch: Connection refused
# 测试网络连接
# ping -c 3 192.168.1.10
PING 192.168.1.10 (192.168.1.10) 56(84) bytes of data.
From 192.168.1.100 icmp_seq=1 Destination Host Unreachable
From 192.168.1.100 icmp_seq=2 Destination Host Unreachable
From 192.168.1.100 icmp_seq=3 Destination Host Unreachable
— 192.168.1.10 ping statistics —
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2045ms
# 检查防火墙设置
# firewall-cmd –list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3
sources:
services: ssh dhcpv6-client
ports:
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
# 检查HTTP服务状态
# systemctl status httpd
● httpd.service – The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: man:httpd.service(8)
# 启动HTTP服务
# systemctl start httpd
# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service →
/usr/lib/systemd/system/httpd.service.
Part05-风哥经验总结与分享
5.1 安装日志查看最佳实践
基于多年运维经验,总结安装日志查看的最佳实践:
1. 日志收集
– 安装完成后立即保存所有日志
– 使用tar打包归档日志文件
– 将日志保存到安全位置
2. 日志分析流程
– 先查看主日志了解整体情况
– 根据错误类型查看对应模块日志
– 使用时间戳关联不同日志文件
3. 常用命令组合
# 打包所有安装日志
tar -czf anaconda-logs-$(date +%Y%m%d).tar.gz /var/log/anaconda/
# 搜索所有错误和警告
grep -E “ERROR|WARNING|FAILED” /var/log/anaconda/*.log
# 按时间排序查看日志
sort -k1,2 /var/log/anaconda/anaconda.log
4. 日志保存策略
– 保留至少3个月的安装日志
– 定期清理旧日志
– 重要日志异地备份
5.2 日志分析检查清单
提供一份完整的日志分析检查清单: 学习交流加群风哥微信: itpux-com
□ 1. 检查安装是否成功完成
grep “Installation completed” /var/log/anaconda/anaconda.log
□ 2. 检查是否有错误信息
grep -i “error” /var/log/anaconda/*.log
□ 3. 检查是否有警告信息
grep -i “warning” /var/log/anaconda/*.log
□ 4. 检查磁盘分区是否正确
cat /var/log/anaconda/storage.log | grep -i “partition”
□ 5. 检查网络配置是否成功
cat /var/log/anaconda/network.log | grep -i “success”
□ 6. 检查软件包安装情况
cat /var/log/anaconda/packaging.log | grep -i “installed”
□ 7. 检查引导加载器配置
grep -i “bootloader” /var/log/anaconda/anaconda.log
□ 8. 检查用户创建情况
grep -i “user” /var/log/anaconda/anaconda.log
□ 9. 检查服务配置情况
grep -i “service” /var/log/anaconda/anaconda.log
□ 10. 检查防火墙配置
grep -i “firewall” /var/log/anaconda/anaconda.log
5.3 常用日志分析工具推荐
推荐以下日志分析工具: from LinuxDBA视频:www.itpux.com
# dnf install -y logwatch
# 配置logwatch
# vi /etc/logwatch/conf/logwatch.conf
Output = file
Format = html
MailTo = root@localhost
Range = yesterday
Detail = High
# 运行logwatch分析
# logwatch –output file –filename /var/log/logwatch.html
# 查看分析报告
# firefox /var/log/logwatch.html
# 其他推荐工具
1. journalctl – systemd日志查看工具
2. grep/awk/sed – 文本处理三剑客
3. less/more – 分页查看工具
4. tail/head – 查看日志首尾
5. multitail – 多文件实时监控
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
