惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

W
WeLiveSecurity
The GitHub Blog
The GitHub Blog
Engineering at Meta
Engineering at Meta
Microsoft Azure Blog
Microsoft Azure Blog
The Register - Security
The Register - Security
Stack Overflow Blog
Stack Overflow Blog
博客园 - 三生石上(FineUI控件)
T
Threat Research - Cisco Blogs
S
SegmentFault 最新的问题
V2EX - 技术
V2EX - 技术
Hacker News: Ask HN
Hacker News: Ask HN
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
P
Proofpoint News Feed
J
Java Code Geeks
Microsoft Security Blog
Microsoft Security Blog
M
MIT News - Artificial intelligence
AI
AI
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
P
Proofpoint News Feed
Hacker News - Newest:
Hacker News - Newest: "LLM"
B
Blog
N
News and Events Feed by Topic
N
News | PayPal Newsroom
Google DeepMind News
Google DeepMind News
酷 壳 – CoolShell
酷 壳 – CoolShell
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
WordPress大学
WordPress大学
C
Cybersecurity and Infrastructure Security Agency CISA
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
博客园 - 【当耐特】
U
Unit 42
腾讯CDC
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
The Cloudflare Blog
H
Help Net Security
Recent Announcements
Recent Announcements
P
Privacy & Cybersecurity Law Blog
IT之家
IT之家
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Security Archives - TechRepublic
Security Archives - TechRepublic
L
LINUX DO - 热门话题
Martin Fowler
Martin Fowler
MongoDB | Blog
MongoDB | Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
H
Heimdal Security Blog
博客园 - 聂微东
S
Securelist
大猫的无限游戏
大猫的无限游戏
Cloudbric
Cloudbric
Cisco Talos Blog
Cisco Talos Blog

Feel.name

Centos7安装sngrep – Feel.name DNS大全 – Feel.name Linux下转换文件编码 – Feel.name Linux服务器密钥登陆方法 – Feel.name 升级到最新OpenSSH_9.3p1, OpenSSL 3.1.1 – Feel.name centos 7上创建sftp服务 – Feel.name linux清理缓存(cache) – Feel.name 通过yum来下载RPM包的方法 – Feel.name 年末守望新年期盼 – Feel.name
message 日志里面的“Created slice User Slice of root.”日志去除方法 – Feel.name
Feel · 2022-12-21 · via Feel.name

CentOS 7 的 /var/log/messages 系统记录內会大量出现 slice User 的信息如下:

Dec 20 01:00:01 feel systemd: Started Session 6755 of user root.
Dec 20 01:00:01 feel systemd: Removed slice User Slice of root.
Dec 20 01:01:01 feel systemd: Created slice User Slice of root.
Dec 20 01:01:01 feel systemd: Started Session 6756 of user root.
Dec 20 01:01:01 feel systemd: Removed slice User Slice of root.
Dec 20 01:10:01 feel systemd: Created slice User Slice of root.
Dec 20 01:10:01 feel systemd: Started Session 6757 of user root.
Dec 20 01:10:01 feel systemd: Removed slice User Slice of root.
Dec 20 01:20:01 feel systemd: Created slice User Slice of root.
Dec 20 01:20:01 feel systemd: Started Session 6758 of user root.
Dec 20 01:20:01 feel systemd: Removed slice User Slice of root.
Dec 20 01:30:01 feel systemd: Created slice User Slice of root.
Dec 20 01:30:01 feel systemd: Started Session 6759 of user root.

主要的原因是和 systemd有关,可以通过过滤规则来隐藏

echo 'if $programname == "systemd" and ($msg contains "Starting Session" or $msg contains "Started Session" or $msg contains "Created slice" or $msg contains "Starting user-" or $msg contains "Starting User Slice of" or $msg contains "Removed session" or $msg contains "Removed slice User Slice of" or $msg contains "Stopping User Slice of") then stop' >/etc/rsyslog.d/ignore-systemd-session-slice.conf

systemctl restart rsyslog

参考来源
https://access.redhat.com/solutions/1564823