GradedJestRisk edited this page Apr 27, 2024 · 2 revisions

Logs

Syslog has an interesting design:

It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the type of system generating the message, and is assigned a severity level.

https://en.wikipedia.org/wiki/Syslog
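
How the facility code and severity level travel with each message, as an added example that is not part of the original page: on the wire a syslog line starts with `<PRI>`, where PRI = facility * 8 + severity (RFC 3164 / RFC 5424). The function names are hypothetical and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: decode the <PRI> prefix of a raw syslog line.
# PRI = facility * 8 + severity (RFC 3164 / RFC 5424).
# Function names are hypothetical; sample lines below are constructed.

facility_name() {
    case "$1" in
        0) echo kern ;;   1) echo user ;;      2) echo mail ;;
        3) echo daemon ;; 4) echo auth ;;      5) echo syslog ;;
        6) echo lpr ;;    7) echo news ;;      8) echo uucp ;;
        9) echo cron ;;   10) echo authpriv ;; 11) echo ftp ;;
        16|17|18|19|20|21|22|23) echo "local$(( $1 - 16 ))" ;;
        *) echo "facility$1" ;;   # 12-15 have no keyword in syslog.h
    esac
}

severity_name() {
    case "$1" in
        0) echo emerg ;;   1) echo alert ;;  2) echo crit ;; 3) echo err ;;
        4) echo warning ;; 5) echo notice ;; 6) echo info ;; 7) echo debug ;;
    esac
}

# decode_pri LINE: prints "facility.severity"; returns 1 on a missing or invalid PRI.
decode_pri() {
    line=$1
    case "$line" in
        "<"*">"*) ;;
        *) return 1 ;;
    esac
    pri=${line#"<"}
    pri=${pri%%">"*}
    case "$pri" in
        ''|*[!0-9]*|0?*|????*) return 1 ;;   # digits only, no leading zero, max 3 chars
    esac
    [ "$pri" -le 191 ] || return 1           # 23 * 8 + 7 is the highest valid PRI
    printf '%s.%s\n' "$(facility_name $(( pri / 8 )))" "$(severity_name $(( pri % 8 )))"
}

while IFS= read -r l; do
    printf '%-14s %s\n' "$(decode_pri "$l" || echo INVALID)" "$l"
done <<'EOF'
<34>Apr 27 10:00:00 host1 su: 'su root' failed for user1 on /dev/pts/8
<86>Apr 27 10:00:01 host1 sshd[812]: Accepted publickey for user1
<13>Apr 27 10:00:02 host1 user1: test message
<999>Apr 27 10:00:03 host1 bad: PRI out of range
EOF
```

The `facility.severity` form it prints is the same selector syntax used in the rules of /etc/rsyslog.conf.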

Boot and some devices (dmesg)

Last log

dmesg

All logs

journalctl --dmesg

Kernel

/var/log/kern.log

System

Read the log file

tail /var/log/syslog

Or follow the journal

journalctl --system --follow
journalctl --user --follow

Configuration is stored in /etc/rsyslog.conf

Trace a process

strace

strace <COMMAND>
strace echo Hello, world!

Options:

  • print only a summary of system calls: --summary-only
  • filter on a system call: -e <CALL>

Check network calls

strace -e trace=network curl httpbin.org/get