Linux Commands for Beginners 13 - Viewing Logs

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] welcome back everyone in this video I wanted to show you guys some basics of logging logs are awesome because if you have any kind of problem or even not a problem you just want to understand something about your system the logs will actually show you some very important things so it's a good idea to know how to get to logs and how to view them and that's what we're going to go over in this video ok so back here on my machine I'm going to show you guys a couple of ways to view logs some of these log files are going to require root privileges so you won't actually be able to view them without pseudo different logs have different permission levels so what I'm going to do is show you one log right now this is a very common one so I'm going to do cat slash bar log syslog and a lot of information just passed by on the screen here so what is up with that well the syslog basically is a text file that includes all kinds of logging information about your system and it just keeps going and going and going and it's not for any one particular category this shows output for a lot of different things so this is going to look like information overload if you don't exactly know what it is you're looking for so I'm going to give you a practical example of this in just a moment but what we want to do right now is go into the VAR log directory and let's take a look at the files that are stored here and there's quite a few so we see the syslog file that's the one that I just showed you and it actually is rotating that so that these log files they can become huge and that's a big problem when you're managing Linux servers is that if you don't keep your log files in check they can grow so big and then they can basically take over your free hard drive space that's definitely not a good situation to be in at all but by default the syslog is okay because it's basically rotating and it's being compressed so we can see here that that's actually not a problem it's actually you know pretty much every day it's rotating and then from here down it's actually compressing that so that's being managed properly you can see other log files here in this directory I'm not going to go over all of them because that would be outside the scope of this video we have a patchy to log directory here and sometimes that's the case when you have a directory for an application we see that we actually have a dedicated folder for Apache 2 and inside this folder we have several log files we can see an access log we can even see an airlock so let's just see what's inside the air log I'm kind of curious about that so I'll just in the Apache directory is relative to my local path here so I'm just going to cat from the Apache 2 directory error log and let's see what's inside there and we have some interesting things here now nothing that really matters because you know what we're not even really serving anything important but if this was an important server and we were having problems we might want to check that error log to see if any of the output there will help us narrow down the problem we also here have a D message log right here I'm gonna go ahead and show you guys that and mostly hardware information here and kernel information things like that that are kind of more lower level are going to be included in the D message now one thing that's interesting about this actually you know I'm in the VAR log directory and if I do LS you see that I am in the same directory as D messages now what I'm going to do is go back to my home directory clear the screen and what I can do is just type D mesg just like that from this directory and we can see that there's a dedicated command to viewing this and it's even giving me colorized output so even though I'm not in that actual directory I'm able to see some information about my system so maybe if I'm troubleshooting some some issues here I might you know want to look into this and here is an actual issue that I may want to look into my CPU is going above threshold which means my CPU clock is throttling at times that's not good I'm probably going to want to check into that maybe I need new firmware on my laptop maybe there's some kind of configure I need to change something is going on here and I might need to look into that and thanks to the D message log I was able to find information about that now one thing I want to show you guys is the head and tail commands which are very simple I thought about making these into their own video but you know that'd be a very short video the head command will show the first 10 lines and the tail command will show the last 10 lines and you can customize how many lines of shows but I'll give you an example if I do a head and I do /var log let's just do the syslog again we see here that we have the first 10 lines it's going to look like more than that because it's wrapping but we actually see that we have additional things here that are showing up do we actually see 10 lines if I was to change that to tail I can see the last 10 lines of the file because maybe that's really all we care about is the last 10 lines we don't need to have all of the log files showing up on the screen if it's a log file with tens of thousands of lines for example and we use the cat command well we might be waiting a while for the output to finish before we you know we regain control of our session and if you're impatient like me that's not a good time and that could be customized to sew tail maybe I want to show the last 50 lines so I could do dash n and then 50 and then the file the path to the file and filename and now I'm going to see the you know last 50 lines so I can narrow it down based on that and you know that's pretty useful but probably not the most useful thing my favorite thing about logging or my favorite thing to do with logging is to do the the follow option with tail which is actually tail - F and then such VAR log or whatever the file path is and the file name whatever that happens to be it doesn't even have to be a log file could just simply be a text file and what is that going to do well we see that it is showing me the last 10 lines by default because I didn't ask for anything else however you know it's kind of blinking at me it's not even like returning to my command letting me type something else here if I press ENTER and nothing happens so you know what's going on here well actually that's what I wanted this is allowing me to follow the particular file and anytime the file has changed its going to show me the changes immediately and I'll give you an example I'll open a new terminal here and then what I'm going to do is increase the font size again I'm gonna get it out of the way a little bit and I'm gonna just restart SSH randomly that's just something I'm gonna do so I'm gonna sudo systemctl restart SSH I know SSH is running on my laptop is something I have installed I'm gonna go ahead and press Enter immediately when I did that you see that I have logging information here that automatically updated so I could just you know press ENTER a bunch of times and create some blank space and of course we have some other things that are happening here so you know I don't need any of that output but I can go back here really quickly and just restart it again and you can see that I see the output right away so why does this matter so if you are troubleshooting with a user and you are watching them basically because you want them to reproduce the problem but you want to watch the log file in real time well you can basically follow the log and while they're trying to reproduce the problem then you're going to see the output here and that's going to help you basically follow along with the user as you're troubleshooting and that's definitely a very very useful thing to have but there's also one more command that I want to show you guys that's relative to logging and that's journal CTL which is actually part of system D that gives you another interface through which to view your log files but with journal CTL you can actually do - you and then the name of a unit so I could follow SSH by itself and it's going to show me only messages that are related to the service or unit that I gave it as an argument so the same thing would happen if I change that to a patchy - it's going to show me messages that are related to Apache - which allows me to narrow down blog entries to one specific thing now of course you could pretty much do the same thing and our log with the text files thereby grepping for certain keywords which of course is a very common way of doing that so for example I can do cat VAR log syslog but I can pipe it into grep which allows me to narrow down the output and I can grep for Apache too and you're not going to get as much information because it literally has to have Apache 2 in the output whereas with journal CTL we see a lot more because it knows that it's related to Apache 2 like for example this line right here doesn't include the string Apache 2 but it still shows it because journal CTL know is that this line came from Apache so it's going to make sure that I see it when I asked for it now you can also do a follow with journal CTL as well so I could do journal CTL - you and of course the name like I did before but I can also add F in there as well journal CTL - F and then you Apache - which I guess can sometimes be hilarious order there but I'm not going to get into that but then anyway I'm gonna press ENTER and the same thing here it's blinking at me it's not returning me to my prompt it's limiting the output to Apache so I could in another terminal just do sudo systemctl restart Apache 2 and we see that as soon as I did that I have new output here that's specific and exclusive to Apache 2 so this allows me to follow logs for a specific application while I'm working on it I can make sure that everything starts up properly then it restarts properly I could basically watch the output of the logs while I'm doing actual work on my server so that's somewhat of a high-level look at logging it gets a little bit more involved than that but I think that's enough for now you know from a previous video how to start and restart system D units and now you know how to use journal CTL to view actual logging output for them and in addition to that you've got you know about var log syslog and D message those are some definitely useful files to know and check out so at this point if you run into a problem and you need to troubleshoot that you should be able to actually use these commands to help narrow down any issues you might be experiencing so I hope that was helpful for you guys thanks so much for watching and I'll see you in the next video thank you so much for watching my video I really appreciate it if you want to help me help make sure you check out the description below this video where you'll find links to my latest book mastering a boon to server second edition as well as my patreon page if you like this video be sure to click that like button and share it on Twitter or any other social media network and be sure to subscribe so you'll be the first to see my latest videos as they're uploaded thanks again
Info
Channel: LearnLinuxTV
Views: 41,639
Rating: 4.9483871 out of 5
Keywords: Linux, Tutorial, Learn Linux, gnu/linux, commands, cli, command-line, bash, linux commands for beginners, linux tutorial, linux command line, linux for beginners, ubuntu linux, command line, linux (operating system), linux tutorial for beginners, linux, linux terminal, linux command line tutorial, basic linux commands, linux basic commands, linux commands tutorial, linux command line basics, commands in linux, introduction to linux, sudo, su, ls, cd, mkdir, mv, cp, chmod, chown, linux commands
Id: Ei276TjyxCA
Channel Id: undefined
Length: 12min 2sec (722 seconds)
Published: Mon Jul 29 2019
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.