Saturday, August 3, 2013

System Logs in Linux

Introduction to syslogd
The syslog daemon (syslogd) is responsible for system logging. It collects the messages from running programs into the logs, categorizes each message according to its type and priority, and presents them to us. This is very useful for debugging errors: whenever we have a problem, we can use these messages to find its actual cause. I actually used this in my previous post; you may want to see it.

Reading Logs

Now, let's look at how we can read logs. The FHS (Filesystem Hierarchy Standard) specifies /var/log as the location of logs. We can use the tail command to read the last ten messages like this:

cd /var/log
tail messages # note: if you don't see anything or get a "no such file" error, type: tail syslog

output of this command:




As you can see from the last ten messages, at 10:42:24 I disconnected the modem and cut the internet connection. That produced a message from network manager, and it was saved into syslog.
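The following is an added example, not part of the original post: a small script that picks whichever of messages or syslog exists under the log directory and tallies the last lines by the program that wrote them. The function names, the host name myhost and the sample log lines are constructed for illustration, and the script assumes the traditional "date host program[pid]: text" line layout.

```shell
#!/bin/sh
# Added example (not from the original post); all names here are illustrative.

# pick_log [DIR]: print the path of the main system log under DIR.
# Some distributions write DIR/messages, others DIR/syslog.
pick_log() {
    dir=${1:-/var/log}
    for name in messages syslog; do
        if [ -r "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
            return 0
        fi
    done
    echo "no readable messages or syslog file in $dir" >&2
    return 1
}

# count_by_program FILE [N]: tally the last N lines (default 10) of FILE
# by program tag. Assumed layout: "Aug  3 10:42:24 host program[pid]: text".
count_by_program() {
    tail -n "${2:-10}" "$1" | awk '
        NF >= 5 {
            tag = $5
            sub(/:$/, "", tag)           # drop the trailing colon
            sub(/\[[0-9]+\]$/, "", tag)  # drop the [pid] suffix
            count[tag]++
        }
        END { for (t in count) printf "%d %s\n", count[t], t }
    ' | sort -k1,1nr -k2,2
}

# make_sample DIR: write a constructed sample log to DIR/syslog.
make_sample() {
    cat > "$1/syslog" <<'EOF'
Aug  3 10:42:20 myhost kernel: [ 1234.567890] constructed sample line
Aug  3 10:42:24 myhost NetworkManager[812]: constructed sample: device disconnected
Aug  3 10:42:24 myhost NetworkManager[812]: constructed sample: state change
Aug  3 10:42:25 myhost dhclient[1450]: constructed sample: lease released
EOF
}
```

On a live system, `count_by_program "$(pick_log)" 100` shows which programs wrote the last 100 messages; reading the log may require root.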

Following Logs with tail

A system administrator would use the tail -f command to follow log messages like this:
tail -f /var/log/messages or tail -f /var/log/syslog

With the -f parameter, tail keeps running and shows new messages from running programs as soon as they are written. This is very handy for debugging. Almost every system administrator also keeps this command running in another terminal all the time, to see the messages coming through while programs are running.

Let's see how it works: I entered the command to read syslog continuously, then disabled eth0 in another terminal. The terminal views are given below:

terminal 1:



terminal 2:




As you can see from terminal 2, a message says eth1 was disabled when we typed and entered ifconfig eth1 down in the other terminal. It works :).

If you have any questions or need some help with system logs in Linux, leave a comment below.

