Basics of Linux - [Log Viewing]

Why view Logs?

In my opinion one of the best things about linux is logs. Because these logs let you know what actually is going on with your back-end daemon,api or OS.  If you want to become good at troubleshooting in linux you need to know your logs.

Where are the Logs? 

The norm in linux is to place logs of your software in this location

/var/log/

some common logs that are created on a fresh Linux install are

 

messages contains all the messages from kernel & other processes unless specified otherwise for example you can see the httpd directory so that means apache has been explicitly told to log at a separate location.

Although it is a good practice to make logs in /var/log directory , there is no restriction on where you can store your logs.

Commands to View Logs

From a system administration point of view it is imperative to know how to view and interpret logs.

You can use the following commands to see the log files:

1.       less command

·         displays the specified text file one page at a time, you can scroll UP or DOWN

·         less /var/log/messages

2.       more command

·         displays the specified text file one page at a time, you can only scroll DOWN

·         more /var/log/messages

3.       cat command

·         displays the contents of file in one go

·         cat /var/log/messages

4.       grep command

·         will match the specified pattern and output only matching lines if found

·         grep “domain.com” /var/log/messages

5.       tail command

·         will display last 10 lines from specified file

·         tail /var/log/messages

6.       head

·         will display first 10 lines from specified file

·         head /var/log/messages

Viewing Logs in Real Time

Using the switch ‘f’ with tail command will allow you to continuously view a text file. Alternatively you can also use the command “tailf” which does the same thing as ‘tail –f’

View of message file using VIM editor