Unlike the less command, issuing dmesg will display the full contents of the log and send you to the end of the file. If anything has been logged to that facility, it will print out. To do this, issue the command dmesg –facility=user. Say you want to view log entries for the user facility. Figure 2: A USB external drive displaying an issue that may need to be explored.įortunately, there is a built-in control mechanism that allows you to print out only certain facilities (such as daemon). From the terminal window, issue the command dmesg and the entire kernel ring buffer will print out (Figure 2). By default, the command will display all messages from the kernel ring buffer. The dmesg command prints the kernel ring buffer. This, of course, isn’t terribly efficient. You can then scroll up with the arrow keys or the scroll wheel to find exactly what you want. Will syslog open in the less command, you could also hit the + combination to immediately go to the end of the log file. The one problem with this method is that syslog can grow fairly large and, considering what you’re looking for will most likely be at or near the bottom, you might not want to spend the time scrolling line or page at a time to reach that end. You can then use the arrow keys to scroll down one line at a time, the spacebar to scroll down one page at a time, or the mouse wheel to easily scroll through the file. This command will open the syslog log file to the top. To do that, you could quickly issue the command less /var/log/syslog. Say you want to view the contents of that particular log file. One of the most important logs contained within /var/log is syslog. This particular log file logs everything except auth-related messages. Now, let’s take a peek into one of those logs. Figure 1: A listing of log files found in /var/log/. Now issue the command ls and you will see the logs housed within this directory (Figure 1). Open up a terminal window and issue the command cd /var/log. This is such a crucial folder on your Linux systems. And the key issue here is, how do you view those log files?įortunately there are numerous ways in which you can view your system logs, all quite simply executed from the command line. We are going to be focus on system logs, as that is where the heart of Linux troubleshooting lies. Where a desktop application will write logs will depend upon the developer and if the app allows for custom log configuration. For desktop app-specific issues, log files will be written to different locations (e.g., Thunderbird writes crash reports to ‘~/.thunderbird/Crash Reports’). These are all system and service logs, those which you will lean on heavily when there is an issue with your operating system or one of the major services. Most log files can be found in one convenient location: /var/log. In fact, every seasoned administrator will immediately tell you that the first thing to be done, when a problem arises, is to view the logs.Īnd there are plenty of logs to be found: logs for the system, logs for the kernel, for package managers, for Xorg, for the boot process, for Apache, for MySQL… For nearly anything you can think of, there is a log file. After all, they are there for one very important reason…to help you troubleshoot an issue. For more great SysAdmin tips and techniques check out our free intro to Linux course.Īt some point in your career as a Linux administrator, you are going to have to view log files. This is a classic article written by Jack Wallen from the archives.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |