System Troubleshooting

System Troubleshooting / SysAdmin scripts and commands.

Networking

Show the whole routing table for the computer

netstat -r

Tcpdump:

sudo tcpdump -i eth0 -w client-dump.cap

Get public IP address:

ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

rsyslog script to remove useless log messages

Certificates

Get the certificate of a remote IP Address

ex +'g/BEGIN CERTIFICATE/,/END CERTIFICATE/p' <(echo | openssl s_client -showcerts -connect 127.0.0.1:8080) -scq

Get the entire LDAP certificate chain from an LDAP Server:

ex +'g/BEGIN CERTIFICATE/,/END CERTIFICATE/p' <(echo | openssl s_client -showcerts -connect 10.1.1.187:636) -scq >> ldap_ca_chain.pem

selinux

sestatus

Get SELinux report and then view more details:

aureport -a
ausearch -m avc -i -a 138959

systemctl

systemctl list-unit-files --type=service

Systemctl status:

systemctl status service-name

Service status with more lines:

systemctl status service-name -n50

Full log from service status:

journalctl -u service-name.service

Full log for service for current boot:

journalctl -u service-name.service -b

List failed:

systemctl list-units --state=failed