c5b9 Log swapping processes - The FreeBSD Forums
The FreeBSD Forums  

Go Back   The FreeBSD Forums > Base System > General
Reload this Page Log swapping processes
Register FAQ Calendar Search Today's Posts Mark Forums Read

General General questions about the FreeBSD operating system. Ask here if your question does not fit elsewhere.

Reply
 
Thread Tools Display Modes
  #1  
Old September 30th, 2010, 15:56
mfeldheim mfeldheim is offline
Junior Member
  
Join Date: Dec 2009
Location: Munich, Germany
Posts: 10
Thanks: 2
Thanked 2 Times in 2 Posts
Default Log swapping processes
We had some weird attack causing some of our front machines to run into swap and even run out of swap. Now the logfiles only show "out of swap" errors, which doesnt really help to find out what process exactly forced the system into crash - and ideas how I could improve logging to tackle / maybe even kill swapping processes?

Code:
# tail -n 2 /var/log/messages
Sep 28 09:06:43 gateway-001 kernel: swap zone exhausted, increase kern.maxswzone
Sep 28 09:06:43 gateway-001 last message repeated 192 times

# sysctl -a | grep "kern.maxswzone"
kern.maxswzone: 33554432

# swapinfo
Device          1K-blocks     Used    Avail Capacity
/dev/ad4s1b      16777216        0 16777216     0%
Last edited by DutchDaemon; September 30th, 2010 at 16:07. Reason: It's [code], not <code>
Reply With Quote
  #2  
Old September 30th, 2010, 19:55
AndyUKG AndyUKG is offline
Member
  
Join Date: Apr 2010
Posts: 387
Thanks: 17
Thanked 17 Times in 17 Posts
Default
Try changing the log settings in /etc/newsyslog.conf so that you keep more historical info?

But if your problem is simply running out of memory you may well not see much in the logs apart (apart from the fact the system is out of memory).

You mention its a "front machine", if it's a web server try tuning apache or whatever so that it prevents so many connections that you run out of memory and dies might be the first thing to consider/check,

Andy.
Last edited by DutchDaemon; September 30th, 2010 at 22:21.
Reply With Quote
  #3  
Old October 1st, 2010, 03:44
phoenix's Avatar
phoenix phoenix is offline
Moderator
  
Join Date: Nov 2008
Location: Kamloops, BC, Canada
Posts: 3,144
Thanks: 43
Thanked 703 Times in 579 Posts
Default
Keep top running in a terminal, and watch the memory columns to see what's using all the RAM?
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
  #4  
Old October 1st, 2010, 04:11
fronclynne's Avatar
fronclynne fronclynne is offline
Senior Member
  
Join Date: Feb 2009
Location: Lunch Time
Posts: 1,297
Thanks: 132
Thanked 166 Times in 143 Posts
Default
Boy, I'd like to say that ps(1) could do something, but I'm not sure. It does too much for my tiny brain.
__________________
Quid habemus reliquum?
Nutrimentum anatum!
Внимание: лифт вниз не поднимает
Reply With Quote
  #5  
Old October 1st, 2010, 05:16
Galactic_Dominator Galactic_Dominator is offline
Member
  
Join Date: Nov 2008
Posts: 194
Thanks: 0
Thanked 31 Times in 27 Posts
Default
I think you're looking for sysutils/fuser. procstat/pstat, and maybe even fstat may have access to the info as well, but it's harder to parse.
Last edited by DutchDaemon; October 1st, 2010 at 13:05.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
apache processes Jeff_8420 Web & Network Services 4 October 13th, 2010 07:30
Command for processes tifoz General 4 February 4th, 2010 17:25
[Solved] how much swapping before you should add ram? phospher General 4 September 11th, 2009 18:31
very good and nice way for read log file and search in log file mfaridi General 8 April 22nd, 2009 22:21
[Solved] syslogd logs to all.log, but not to my.log fredBSD Web & Network Services 1 March 5th, 2009 06:34


All times are GMT +1. The time now is 05:57.

Contact Us - FreeBSD - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.
The mark FreeBSD is a registered trademark of The FreeBSD Foundation and is used by The FreeBSD Project with the permission of The FreeBSD Foundation.
Web protection and acceleration provided by CloudFlare
0