Debug School

rakesh kumar

How to examine and troubleshoot system log files using Linux commands

Find the path of syslog
Display the last 10 lines of the syslog file
Filter out log messages by severity level:
Monitor system log messages in real-time
Extract information from the syslog file using regular expressions
Count the number of log messages per application:
Display the last 10 lines of the system message log file
Identify repeating errors

In Linux, the path of syslog may vary depending on the distribution and version of the operating system. However, the most common location for the syslog file is /var/log/syslog.

You can use the following command to find the path of syslog in Linux:

$ sudo find / -name syslog

This command will search for the syslog file in the entire file system starting from the root directory, and display the path of the file if it exists.

For example, if syslog is located in the standard location of /var/log/syslog, the output will look like:

/var/log/syslog

If syslog is located in a different location, the output will show the path to that location.

Note that the find command may take some time to search the entire file system, especially on larger systems, so be patient while the command runs.

In Linux, the pipe (|) is a powerful tool for manipulating and processing data from log files: it passes the output of one command to the next command as input. Here are some examples of how to use pipes and the usual text-processing commands to examine system log files:

1. Display the last 10 lines of the syslog file:

tail -n 10 /var/log/syslog

This command will display the last 10 lines of the syslog file. You can change the number of lines by modifying the argument to the -n option.

2. Count the number of occurrences of a specific string in the messages file:

grep -c "string_to_search" /var/log/messages

This command will search for the specified string in the messages file and count the number of lines that contain it (a line with several matches is counted once). You can replace string_to_search with the actual string you want to search for.

3. Filter out log messages by severity level:

cat /var/log/syslog | grep -E '(WARN|ERROR)'

This command will display all log messages from the syslog file that contain either the string "WARN" or "ERROR". You can modify the regular expression to filter out messages by severity level or any other criteria.

4. Monitor system log messages in real-time:

tail -f /var/log/syslog

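5. Extract information from the syslog file using regular expressions:

cat /var/log/syslog | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}'

This command will extract all IPv4 addresses from the syslog file; the -o option makes grep print only the matching text rather than the whole line. The pattern matches any four dot-separated groups of one to three digits, so it does not check that each group is in the range 0-255. You can use regular expressions to extract other types of information, such as MAC addresses, URLs, and timestamps.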

6. Count the number of log messages per application:

awk '{print $5}' /var/log/syslog | sort | uniq -c

This command will count the number of log messages for each application that is listed in the syslog file. You can modify the awk command to extract other fields, such as the severity level or the timestamp.

7. Display the last 10 lines of the system message log file:

tail -n 10 /var/log/messages

This command will display the last 10 lines of the system message log file. You can change the number of lines by modifying the argument to the -n option.

8. Identify repeating errors:

cat /var/log/syslog | sort | uniq -d

This command sorts the syslog file and prints one copy of each line that occurs more than once, which identifies repeating messages. Because uniq -d compares whole lines, entries count as repeats only when the timestamp matches as well. This can be useful for identifying chronic issues that need to be addressed.

The tail -f command from step 4 will continuously display new log messages from the syslog file as they are generated in real time. This is useful for monitoring system activity and troubleshooting issues as they occur.
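
Steps 3, 6 and 8 can be combined into one pipeline that counts repeated WARN/ERROR messages even when their timestamps and PIDs differ. The following is an added example, not part of the original post; the function names repeated_errors and sample_log, the sample lines, and the traditional "Mon DD HH:MM:SS host app[pid]: message" line layout are assumptions.

```sh
#!/bin/sh
# Added example (not from the original post). Assumes the traditional
# syslog layout: "Mon DD HH:MM:SS host app[pid]: message".

# repeated_errors FILE [MIN]
# Print "COUNT app: message" for each WARN/ERROR message that occurs at
# least MIN times (default 2), most frequent first.
repeated_errors() {
    file=$1
    min=${2:-2}
    grep -E '(WARN|ERROR)' "$file" |
        awk '{
            # Strip the PID so app[101]: and app[102]: group together.
            sub(/\[[0-9]+\]:$/, ":", $5)
            # Blank timestamp and hostname (fields 1-4) so the same
            # message logged at different times compares equal.
            $1 = $2 = $3 = $4 = ""
            sub(/^ +/, "")
            print
        }' |
        sort | uniq -c | sort -rn |
        awk -v min="$min" '$1 >= min { sub(/^ +/, ""); print }'
}

# Constructed sample lines, not taken from a real system.
sample_log() {
    cat <<'EOF'
Jan  5 10:00:01 web01 sshd[101]: ERROR: connection reset by peer
Jan  5 10:00:07 web01 sshd[102]: ERROR: connection reset by peer
Jan  5 10:01:13 web01 sshd[103]: ERROR: connection reset by peer
Jan  5 10:02:00 web01 cron[220]: INFO: job started
Jan  5 10:02:30 web01 app[300]: WARN: disk usage above threshold
Jan  5 10:03:30 web01 app[300]: WARN: disk usage above threshold
Jan  5 10:04:00 web01 app[301]: ERROR: failed to open config
EOF
}

tmp=$(mktemp)
sample_log > "$tmp"
repeated_errors "$tmp"
rm -f "$tmp"
```

Pass /var/log/syslog in place of the temporary file to run it against real logs; a second argument raises the minimum repeat count.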
