Skip to main content

Log Analysis Patterns

Log analysis — bu tizim va xizmat loglarini tahlil qilish, muammolarni aniqlash, xavfsizlik va monitoring uchun eng muhim jarayonlardan biridir. Loglarni to‘g‘ri o‘qish va tahlil qilish orqali xatoliklar, anomaliyalar va tizim holatini tezda aniqlash mumkin.

Asosiy Log Turlari

  • System loglar: /var/log/syslog, /var/log/messages
  • Xizmat loglari: /var/log/nginx/error.log, /var/log/mysql/error.log
  • Security loglar: /var/log/auth.log, /var/log/secure
  • Application loglar: maxsus dastur loglari

Log Analysis Patterns

1. Xatolik va ogohlantirishlarni aniqlash

  • grep yordamida "error", "fail", "warning" so‘zlarini qidirish:
grep -i 'error' /var/log/syslog
grep -i 'fail' /var/log/nginx/error.log
grep -i 'warning' /var/log/syslog

2. Vaqt bo‘yicha tahlil

  • Muammo qachon yuz berganini aniqlash:
grep '2025-08-08' /var/log/syslog

3. IP va foydalanuvchi bo‘yicha tahlil

  • Muayyan IP yoki user harakatlarini ko‘rish:
grep '192.168.1.10' /var/log/auth.log
grep 'username' /var/log/secure

4. Log rotation va arxivlash

  • Log fayllarini avtomatik aylantirish va arxivlash uchun konfiguratsiyani ko‘rish:
cat /etc/logrotate.conf

5. Pattern matching va statistik tahlil

  • Ko‘p uchraydigan xatoliklarni topish:
grep -o 'error.*' /var/log/syslog | sort | uniq -c | sort -nr

6. Real-time monitoring

  • Loglarni real vaqtda kuzatish:
tail -f /var/log/syslog
journalctl -f

Advanced Log Analysis Tools

  • awk, sed — loglarni formatlash va tahlil qilish:
awk '/error/ {print $0}' /var/log/syslog
sed -n '/fail/p' /var/log/nginx/error.log
  • logwatch, goaccess — avtomatik log tahlili va hisobot:
logwatch --detail high --service nginx --range today
goaccess /var/log/nginx/access.log -o report.html --log-format=COMBINED
  • ELK stack (Elasticsearch, Logstash, Kibana) — katta loglarni vizualizatsiya va tahlil qilish (docker misoli):
docker run -d --name elasticsearch -p 9200:9200 elasticsearch:latest
docker run -d --name kibana -p 5601:5601 kibana:latest

Log analysis yordamida tizim va xizmat muammolarini tezda aniqlash, xavfsizlikni oshirish va monitoringni professional darajada olib borish mumkin!