This is the BSDA Study Guide Book written via a wiki collaboration. This is a work in progress. You may contribute to or discuss this specific page at http://bsdwiki.reedmedia.net/wiki/Review_log_files_to_troubleshoot_and_monitor_system_behavior.html.
Review log files to troubleshoot and monitor system behavior
Be aware of the importance of reviewing log files on a regular basis as well as how to watch a log file when troubleshooting. Be able to view compressed logs.
The review and monitoring of log files can help maintain the health of a system. Tools such as dmesg(8), tail(1) and grep(1) all help the administrator troubleshoot problems. What and how a system logs is controlled by the syslogd(8) program; the amount and verbosity of logging is configured in the
The default directory where the log files are stored is
The dmesg(8) utility displays the contents of the system message buffer. By default, the buffer is read from the
currently running kernel. File
The tail(1) utility displays the last part of a file. When run without any additional flags, tail displays the last ten lines. This default behaviour can be changed by adding the -n option with the number of lines to be displayed:
Adding the -f option causes tail not to stop when the end of the file is reached, but rather to wait for additional data to be appended to the file, which is very useful for watching changes to a log file as they arrive. The syntax is:
The grep(1) application searches the named input file for lines containing a match to the given pattern. The pattern is a regular expression; regular expressions are explained in the section "Demonstrate proficiency with regular expressions".
To find a simple pattern within a log file, execute a command like this:
Displaying the context in which the searched pattern appears is very useful when reviewing log files. This can be achieved with the -A and -B options, which print a given number of lines of trailing context after each matching line and leading context before it, respectively.
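The tools above combined into one log review, as an added example that is not part of the original study guide: it searches a log and its rotated, compressed copies with context lines, then checks only the most recent entries with tail. The function names, the file name messages, the .gz/.bz2 rotation suffixes and the log lines are assumptions constructed for the example.

```shell
# Added example, not from the study guide; the log lines are constructed.
# Write one log file to stdout, decompressing according to its suffix.
cat_log() {
    case "$1" in
        *.gz)  gzip -dc "$1" ;;
        *.bz2) bzip2 -dc "$1" ;;
        *)     cat "$1" ;;
    esac
}

# search_logs PATTERN BASE [CONTEXT]: grep BASE and its rotated copies,
# printing CONTEXT lines before (-B) and after (-A) every match.
search_logs() {
    pattern=$1; base=$2; ctx=${3:-0}
    for f in "$base" "$base".*; do
        [ -f "$f" ] || continue
        # grep exits 1 when nothing matches; only a status above 1 is an error.
        cat_log "$f" | { grep -A "$ctx" -B "$ctx" -e "$pattern" || [ $? -eq 1 ]; } |
            awk -v name="$f" '{ print name ": " $0 }'
    done
}

# count_matches PATTERN BASE: total matching lines across all copies.
count_matches() {
    for f in "$2" "$2".*; do
        [ ! -f "$f" ] || cat_log "$f"
    done | { grep -c -e "$1" || [ $? -eq 1 ]; }
}

# Constructed sample data: a current log plus one gzip-compressed rotation.
make_sample_logs() {
    cat > "$1/messages.0" <<'EOF'
Jan 10 03:12:01 host sshd[411]: Connection from 192.0.2.10 port 50112
Jan 10 03:12:03 host sshd[411]: Failed password for root from 192.0.2.10 port 50112 ssh2
Jan 10 03:12:04 host sshd[411]: Connection closed by 192.0.2.10
EOF
    gzip -f "$1/messages.0"       # leaves messages.0.gz
    cat > "$1/messages" <<'EOF'
Jan 11 09:30:15 host sshd[702]: Connection from 192.0.2.77 port 40022
Jan 11 09:30:17 host sshd[702]: Failed password for admin from 192.0.2.77 port 40022 ssh2
Jan 11 09:31:00 host su: alice to root on /dev/ttyp0
EOF
}

demo_dir=$(mktemp -d)
make_sample_logs "$demo_dir"
search_logs 'Failed password' "$demo_dir/messages" 1   # one line of context
tail -n 2 "$demo_dir/messages" | grep -c 'sshd'        # recent entries only
rm -rf "$demo_dir"
```

With more than one match per file, grep separates non-adjacent context groups with a line containing "--", which is why count_matches uses grep -c rather than counting the lines search_logs prints.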
tail(1), /var/log/*, syslog.conf(5), grep(1), dmesg(8), zmore(1), bzcat(1)