Summary of 6 Linux log viewing methods

As a backend programmer, you deal with Linux in many places. If you don’t know how to read Linux logs, you are very likely to be ridiculed by colleagues and interviewers, so it is very important to master one or several methods of viewing logs.

There are many commands for viewing logs in Linux: tail, cat, tac, head, echo, etc. This article only introduces several commonly used methods.

1. tail

This is the way I view it most often.

Command format: tail[required parameter][select parameter][file]
-f loop reading
-q Do not display processing information
-v Display detailed processing information
-c<number> Number of bytes to display
-n<number of lines> Display the number of lines
-q, --quiet, --silent Never output the header of the given file name
-s, --sleep-interval=S Used with -f, it means sleeping for S seconds between each repetition

Usage is as follows:

tail -n 10 test.log queries the last 10 lines of the log;
tail -n +10 test.log queries all logs after line 10;
tail -fn 10 test.log loop to view the last 1000 lines of records in real time (most commonly used)

It is usually used in conjunction with grep, for example:

tail -fn 1000 test.log | grep 'keyword'

If the amount of data to be queried at one time is too large, you can turn the pages to view it, for example:

tail -n 4700 aa.log |more -1000 can be displayed on multiple screens (ctrl + f or space bar can be shortcut)

2. head

Head is the opposite of tail. It reads the first few lines of log.

head -n 10 test.log queries the first 10 lines of log in the log file;
head -n -10 test.log queries all logs except the last 10 lines of the log file;

For other parameters of head, refer to tail

3. cat

cat displays the first line to the last line on the screen

To display the entire file at once:

 $ cat filename

Create a file from the keyboard:

$cat > filename

Merge several files into one:

$cat file1 file2 > file can only create new files, cannot edit existing files.

Append the contents of one log file to another:

$cat -n textfile1 > textfile2

Clear a log file:

$cat : >textfile2

Note: > means create, >> means append. Don't get confused.

For other parameters of cat, refer to tail

4. more

The more command is a text filter based on the vi editor. It displays the contents of text files page by page in full screen mode and supports keyword positioning operations in vi. There are several built-in shortcut keys in the more list, the commonly used ones are H (get help information), Enter (scroll down one line), Space (scroll down one screen), Q (exit command). The more command reads the file from front to back, so the entire file is loaded at startup.

This command displays one screen of text at a time, stops when the screen is full, and a prompt message appears at the bottom of the screen, giving the percentage of the file that has been displayed so far: –More– (XX%)

• The syntax of more is: more file name
• Enter Go down n lines, need to be defined, default is 1 line
• Ctrl f scroll down one screen
• Spacebar scrolls down one screen
• Ctrl b Return to the previous screen
• = Output the current line number
• :f Output the file name and the current line number
• v calls the vi editor
• !Command calls Shell and executes the command
• qExitmore

5. sed

This command can search for a specific section of the log file, based on a time range, and can be queried by line number and time range.

By line number

sed -n '5,10p' filename This way you can view only lines 5 to 10 of the file.

By time period

sed -n '/2014-12-17 16:17:20/,/2014-12-17 16:17:36/p' test.log

6. less

When querying logs with the less command, the general process is as follows

less log.log

Shift + G command to the end of the file and then enter? Add the keywords you want to search for example? 1213

Press n to search for keywords upwards

shift+n reverse search keyword
Less is similar to more. You can browse files at will with less, while more can only move forward, not backward, and less will not load the entire file before viewing it.
less log2013.log View the file
ps -ef | less ps View process information and display it in less pages
history | less View command history and display it in less pages
less log2013.log log2014.log Browse multiple files

Common command parameters:

Less is similar to more. You can browse files at will with less, while more can only move forward, not backward, and less will not load the entire file before viewing it.
less log2013.log View the file
ps -ef | less ps View process information and display it in less pages
history | less View command history and display it in less pages
less log2013.log log2014.log Common command parameters for browsing multiple files:
-b <buffer size> Set the buffer size
-g only marks the last searched keyword
-i Ignore case when searching
-m displays percentage similar to more command
-N Display line numbers for each line
-o <filename> Save the output of less in the specified file
-Q Do not use warning sound
-s Display consecutive blank lines as one line
/ string: function to search down for "string"
? string: function to search upwards for "string"
n: repeat the previous search (related to / or ?)
N: Repeat the previous search in reverse direction (related to / or ?)
b Go back one page
h Display the help interface
q quit less command

Generally, I check the logs and apply other commands

history // All history records

history | grep XXX // The history contains records of certain commands

history | more // View records in pages

history -c // Clear all history records

!! Repeat the last command

After querying the records, select: !323

Linux log file description

/var/log/message Information and error logs after system startup, one of the most commonly used logs in Red Hat Linux
/var/log/secure Security-related log information
/var/log/maillog Log information related to mail
/var/log/cron Log information related to scheduled tasks
/var/log/spooler Log information related to UUCP and news devices
/var/log/boot.log Log messages related to daemon startup and stop
/var/log/wtmp This log file permanently records each user login, logout, and system startup and shutdown events

The above is all the content compiled by the editor of 123WORDPRESS.COM. I hope it can help everyone.