System administrators, and the usual Linux users, should often look at the log files for troubleshooting. In fact, this is the first thing that any system administrator should do when any error occurs in the system.
Herself operating system Linux and running applications generate Various types messages that are logged in various log files. Linux uses a special software, files and directories for storing log files. Knowing in which files the logs of which programs are located will help you save time and solve the problem faster.
In this article, we will look at the main parts of the Linux logging system, log files, and utilities that can be used to view Linux logs.
Most Linux log files are located in the /var/log/ folder. You can list the log files for your system with the ls command:
Rw-r--r-- 1 root root 52198 May 10 11:03 alternatives.log
drwxr-x--- 2 root root 4096 Nov 14 15:07 apache2
drwxr-xr-x 2 root root 4096 Apr 25 12:31 pm apparmor
drwx------ 2 root root 4096 May 5 10:15 audit
-rw-r--r-- 1 root root 33100 May 10 10:33 boot.log
Below we will look at 20 various files Linux logs located in the /var/log/ directory. Some of these logs are only found on certain distributions, for example dpkg.log is only found on Debian-based systems.
/var/log/messages- contains global Linux system logs, including those logged at system startup. Several types of messages are written to this log: these are mail, cron, various services, kernel, authentication, and others.
/var/log/dmesg- contains messages received from the kernel. Registers a lot of messages at the boot stage, they display information about hardware devices that are initialized during the boot process. We can say this is another log of the Linux system. The number of messages in the log is limited, and when the file is full, with each new message, the old ones will be overwritten. You can also view messages from this log using the dmseg command.
/var/log/auth.log- contains information about user authorization in the system, including user logins and authentication mechanisms that have been used.
/var/log/boot.log- Contains information that is logged when the system boots.
/var/log/daemon.log- Includes messages from various background daemons
/var/log/kern.log- Also contains messages from the kernel, useful for troubleshooting custom modules built into the kernel.
/var/log/lastlog- Displays information about the last session of all users. Is not text file, you must use the lastlog command to view it.
/var/log/maillog /var/log/mail.log- server logs Email running on the system.
/var/log/user.log- Information from all logs at the user level.
/var/log/Xorg.x.log- X server message log.
/var/log/alternatives.log- Information about the operation of the update-alternatives program. These are symbolic links to commands or libraries by default.
/var/log/btmp- log linux file contains information about failed login attempts. To view the file, it is convenient to use the command last -f /var/log/btmp
/var/log/cups- All messages related to printing and printers.
/var/log/anaconda.log- all messages registered during installation are saved in this file
/var/log/yum.log- logs all information about installing packages with Yum.
/var/log/cron- Whenever the Cron daemon starts running a program, it writes the report and messages of the program itself to this file.
/var/log/secure- contains information related to authentication and authorization. For example, SSHd logs everything here, including failed login attempts.
/var/log/wtmp or /var/log/utmp - Linux system logs , contain a user login log. With the wtmp command, you can find out who logged in and when.
/var/log/faillog- log linux systems, contains failed login attempts. Use the faillog command to display the contents of this file.
/var/log/mysqld.log- Linux log files from the MySQL database server.
/var/log/httpd/ or /var/log/apache2- Apache webserver linux11 log files. Access logs are in the access_log file, and errors in the error_log
/var/log/lighttpd/ - linux logs lighttpd web server
/var/log/conman/- ConMan client log files,
/var/log/mail/- this directory contains additional mail server logs
/var/log/prelink/- Prelink program links libraries and executable files to speed up the download process. /var/log/prelink/prelink.log contains information about .so files that have been modified by the program.
/var/log/audit/- Contains information generated by the auditd audit daemon.
/var/log/setroubleshoot/ - SE Linux uses the setroubleshootd daemon (SE Trouble Shoot Daemon) to report security problems. This log contains messages from this program.
/var/log/samba/- contains information and logs file server Samba, which is used to connect to shared folders Windows.
/var/log/sa/- Contains .cap files, packaged sysstat.
/var/log/sssd/- Used by the system security daemon that manages remote access to directories and authentication mechanisms.
To view the logs on Linux, it is convenient to use several utilities command line linux. It could be anyone text editor, or special utility. Most likely, you will need superuser rights in order to view the logs in Linux. Here are the commands that are most often used for this purpose:
I won't go into detail on each of these commands, since most of them are already covered in detail on our website. But I will give a few examples. Viewing Linux logs is very easy:
We look at the log /var/log/messages, with the ability to scroll:
less /var/log/messages
View Linux logs, in real time:
tail -f /var/log/messages
Open the dmesg log file:
cat /var/log/dmesg
First lines of dmesg:
head /var/log/dmesg
Output only errors from /var/log/messages:
grep -i error /var/log/messages
In addition, you can view the logs on linux using graphical utilities. System Log Viewer can be used to convenient viewing and monitor system logs on a laptop or personal computer with linux.
You can install the program on any system with an X server installed. Also, any graphical test editor can be used to view the logs.
In the /var/log directory you can find all the necessary information about Linux work. In today's article, you've learned enough to know where to look, and what to look for. Now viewing logs in Linux will not cause you any problems. If you have any questions, ask in the comments!
Do you know that Linux kernel loads multiple device drivers on system boot?
In fact, when your system is up and running and you plug in a hardware device, the corresponding device driver is also loaded.
Of course, the kernel also does many other things.
What if you want to know information related to these kernel activities?
Well, there is a command - dmesg - that you can use if you want to access messages output by the kernel.
In this tutorial, we will understand how the dmesg tool works using some easy to understand examples.
The syntax for the dmesg command is:
Dmesg
The following are Q&A examples to help you better understand how the dmesg command works.
You can start using the dmesg command without any command line option.
For example, here is a small part of the output of the command generated in my case:
If you run dmesg on your system, you will see that it prints out a lot of information.
Depending on what you are looking for, you can filter or limit the output.
For its part, dmesg offers you this ability through "levels".
Below is the full list of levels (along with their explanation):
Emerg - system is unusable alert - action must be taken immediately crit - critical conditions err - error conditions warn - warning conditions notice - normal but significant condition info - informational debug - debug-level messages
For example, if you want to limit the output to only errors and warnings, you can do it like this:
Dmesg --level=err,warn
In my case, here is part of the output from the above command:
Sometimes you may want to associate a timestamp with the messages that dmesg generates.
This can be done using the -T command line option, which creates human-readable timestamps.
Dmesg -T
Sample output:
AT 4. How to make dmesg display information about a specific device?
Let's say you want dmesg to display only information related to the eth0 interface.
Here is how you can do it:
Dmesg | grep -i eth0
Sample output:
AT 5. How to make dmesg only display userspace messages?
If you want to restrict dmesg output to userspace messages only, use the -u command line option.
Dmesg -u
Agree, dmesg is not the command that you will need every day.
But it is the tool to turn to when someone (whom you have asked for help on a certain topic) asks you to provide kernel messages.
I mostly saw this case on online user forums where advanced users asking for kernel output.
Equipment diagnostics is a rather important issue that should not be missed. That is why I cannot but add an article about the means of obtaining information about devices to the series "SysAdmin Cheat Sheet" for the Debian OS. This time I will try to briefly talk about the main utilities for diagnosing certain server components. Of course, I’ll start with the tools built into the system by default, since any system administrator should know and be able to use them. The following is an overview of packages with general purpose. Finally, we will come to an acquaintance with additional advanced tools that everyone can put at will.
You can find information about the processor using the command:
[email protected]:~# cat /proc/cpuinfo
Or some other data:
[email protected]:~# lscpu
Brief information about memory usage:
[email protected]:~# free-m
The utility also displays information about swap usage. Instead of the -m switch, it may even be better to use -h - get data with volume designations.
Extended information:
[email protected]:~# cat /proc/meminfo
Display a list of existing partitions:
[email protected]:~# fdisk -l
It is worth noting that the main purpose of the fdisk utility is to manage disk partitions.
Print UUID and type file system for each partition, you can use the command:
[email protected]:~# blkid
Information about partitions, mount points and some other data can be obtained using the lsblk utility
[email protected]:~# lsblk
The command displays all block devices in a tree structure.
Interface information:
[email protected]:~# ifconfig
Detailed information about the network card
[email protected]:~# mii-tool -v
To check the availability of nodes, use the well-known ping utility.
The top utility is used to display information about processes and the resources they consume. Information is updated at regular intervals. The data can be sorted, for example, by processing power usage or random access memory(the default is sorting by CPU).
[email protected]:~# top
Get detailed information about hardware You can use dmidecode. The utility provides data received from the BIOS. The package description provides the following reference:
This information usually includes the system manufacturer, model name, serial number, BIOS version, resource descriptor (asset tag), as well as other information of various levels of interest and reliability set by the manufacturer. Often contains the status of busy processor sockets, expansion slots (for example, AGP, PCI, ISA), memory slots, and a list of I/O ports (for example, serial and parallel ports, USB).
Be aware that the data provided by DMI is not reliable enough to be blindly trusted. Dmidecode doesn't scan the hardware, it just outputs the data provided by the BIOS.
[email protected]:~# dmidecode
The output of the command without arguments is too voluminous, it is better to use the --type key and get only the necessary sections, for example:
[email protected]:~# dmidecode --type 5,6
The command will display the type of memory controller and the RAM modules used.
The command is used to print the kernel message buffer. From a hardware point of view, the output can be useful for analyzing hardware problems, and in general for a complete picture of the available hardware. The output of the command is too large and other tools may be needed to analyze it, for example, you can use the output to a file, you can redirect the output to the less command, or you can use grep to find the hardware components you need.
[email protected]:~# dmesg | grep processor
The command will only print lines containing the word processor.
The utility is convenient to use to display a list of all devices connected to the pci bus. The information can be used for diagnostic purposes as well as to identify installed devices.
[email protected]:~# lspci
Use the -t switch to display information in a tree view that will display all the buses and devices connected to them. The -v, -vv, -vvv switches display Additional information for each device; the larger the "v", the more detailed the output is.
In general, the utility is extremely useful when working with the hardware component and allows you to get the most data.
Shows a summary of virtual memory status as well as swap.
[email protected]:~# vmstat2
The command above will display updated data every 2 seconds (instead of 2, you can specify any other number).
Although the utility is primarily intended for managing kernel parameters on the fly, analyzing the set values can help diagnose problems.
[email protected]:~# sysctl -a
The command will display all variables and their values.
All the utilities described below are not included in the standard Debian configuration and will have to be installed separately.
A stronger replacement for the default top utility. Not supplied with the system as standard. Provides a user-friendly interactive interface with built-in help and real-time data updates.
[email protected]:~# htop -d 10
The -d switch sets the value in tenths of a second to update the data. The -c switch switches the program to monochrome mode.
The utility is designed to display detailed information about the hardware. It is most convenient to export data to .html-view and view it in a browser. This method, of course, is excluded when working in console mode, except perhaps when viewing data on another system.
[email protected]:~# lshw -C network
The command will display data only about the network card.
The package consists of two utilities (smartctl and smartd) that monitor S.M.A.R.T indicators hard drives. To start the daemon, you need to make a number of settings:
Uncomment the lines and indicate in parentheses, separated by a space, all the devices on which you want to monitor the status.
enable_smart="/dev/sda /dev/sdb /dev/sdc /dev/sdd /dev/sde"
start_smartd=yes
smartd_opts="—interval=1800"
However, when starting the service on virtual machine with Debian 7.7 I got an error (I must say that tracking S.M.A.R.T on virtual hard drives quite a crazy idea, I did it only for the purpose of testing):
You can view the disk status with the command:
[email protected]:~# smartctl -a /dev/sda
Despite this, the utility is quite common and definitely recommended for use. In addition, there are a lot of instructions on the net for setting up e-mail notifications in case of problems with hard drives.
The main purpose of the program is fine tuning parameters of IDE/SATA hard drives, performance tuning. In addition, you can also view device characteristics with the command (specify your drive):
[email protected]:~# hdparm -i /dev/sda
Disk configuration issues are not planned to be considered within the framework of this article.
The ethtool utility will help you diagnose the network card. Of course, you can extract information using ifconfig, and dmesg, etc., but you will get incomparably more useful data from ethtool. It should be noted that the program works quite crookedly with virtual network interfaces. For example, the display of statistics on the interface was generally empty for me:
[email protected]:~# ethtool -S eth0
no stats available
General information about the interface was about as scarce:
[email protected]:~# ethtool eth0
Settings for eth0:
Link detected: yes
WITH physical interfaces the situation is much better. In addition to diagnostics, the utility is also designed to configure interfaces.
The package contains a number of utilities that can provide information about the performance of various system components. iostat can be especially useful when you want to analyze hard drive usage in terms of I/O operations.
I have listed far from all the main tools, acquaintance with which is so necessary, but as far as possible I am going to supplement the article with the necessary material.
In this article I want to write about console programs, which will help to give out complete information about the hardware of your PC (manufacturer, brand, device ID and other data about the equipment). Many users who migrated to Linux from the evil corporation OS are accustomed to working in graphic programs, but over the years of working in Linux, you understand that everything works faster in the Terminal, the information displayed is more complete and flexible.
Utility lspci is a Unix utility that displays detailed information about all PCI buses and devices on them. The lspci utility first reads information from the PCI bus, and then looks for additional information in its own database, which is located in the file /usr/share/hwdata/pci.ids and contains data such as hardware ID, manufacturer, devices, classes, and subclasses. To run the program run in the Terminal:
lspci
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 06)
03:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller
04:00.0 SATA controller: JMicron Technology Corp. JMB362 SATA Controller (rev 10)
05:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller
06:00.0 SATA controller: JMicron Technology Corp. JMB362 SATA Controller (rev 10)
07:06.0 FireWire (IEEE 1394): VIA Technologies, Inc. VT6306/7/8 IEEE 1394 OHCI Controller (rev c0)
For more information run:
lspci -v
03:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller (prog-if 30 )
Flags: bus master, fast devsel, latency 0, IRQ 46
Memory at fe500000 (64-bit, non-prefetchable)
Capabilities:
05:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller (prog-if 30 )
Subsystem: ASUSTeK Computer Inc. P8B WS Motherboard
Flags: bus master, fast devsel, latency 0, IRQ 50
Memory at fe300000 (64-bit, non-prefetchable)
Capabilities:
Kernel driver in use: xhci_hcd
07:05.0 Multimedia video controller: Conexant Systems, Inc. CX23880/1/2/3 PCI Video and Audio Decoder (rev 05)
Flags: bus master, medium devsel, latency 32, IRQ 20
Memory at fb000000 (32-bit, non-prefetchable)
Capabilities:
Kernel driver in use: cx8800
07:06.0 FireWire (IEEE 1394): VIA Technologies, Inc. VT6306/7/8 IEEE 1394 OHCI Controller (rev c0) (prog-if 10 )
Subsystem: ASUSTeK Computer Inc. mother board
Flags: bus master, medium devsel, latency 32, IRQ 21
Memory at fc000000 (32-bit, non-prefetchable)
I/O ports at a000
Capabilities:
Kernel driver in use: firewire_ohci
As a result, the text will become much larger, but the information about the equipment will be more voluminous. You can even find out, for example, the IRQ number on which the desired device hangs. If you need to find out information about specific hardware, such as an Nvidia video card, then you need to use the search command with the grep command. As a result, our command will be the following:
lspci | grep NVIDIA
You should pay attention to the fact that the grep command is case sensitive, so if the first time you did not find the information you need, then you should change the search words, for example: nvidia, NVIDIA or part of the word - idia or IDIA.
The output of the command was the following:
01:00.0 VGA compatible controller: NVIDIA Corporation GF108 (rev a1)
01:00.1 Audio device: NVIDIA Corporation GF108 High Definition Audio Controller (rev a1)
If you want to get information about the equipment in a text file, then run the command:
lspci > lspci.txt
As a result, a text file lspci.txt will appear in your Home directory
If you need to get a list of all devices in the system, including USB and SCSI, memory configuration, find out the type of processor, you can use the program dmesg. It lists all hardware that will be detected by the system kernel.
Run the command in Terminal:
dmesg
If you run the command:
dmesg | less
then the list of found equipment will be very large. Therefore, to analyze all the information, I advise you to save the output of this command to a text file. To do this, run the command:
dmesg | less > dmesg.txt
The dmesg output can also be filtered to find the desired devices. The following command will list all USB devices on the system:
dmesg | grep -i usb
You can also use the utility lshw. If not installed, then run the command:
sudo apt-get install lshw
To run it run the command:
sudo lshw
The program displays a structured list of equipment along with information about the devices. The information is very capacious and useful. Some of the information from the output of the utility:
*-cdrom
Description: DVD-RAM writer
Product: DRW-24B5ST
manufacturer: ASUS
physical ID: 0.0.0
bus details: [email protected]:0.0.0
logical name: /dev/sr1
version: 1.00
features: removable audio cd-r cd-rw dvd dvd-r dvd-ram
config: ansiversion=5 mount.fstype=iso9660 mount.options=ro,nosuid,nodev,relatime,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500 state=mounted status=ready
*-medium
physical ID: 0
logical name: /dev/sr1
logical name: /media/dm/disk
config: mount.fstype=iso9660 mount.options=ro,nosuid,nodev,relatime,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500 state=mounted
You can also extract a lot of useful information from the /proc system directory. It is a kind of “cast” of the system state and its variables, which stores a lot of useful information about the system, namely: laptop battery level, processor info, fan speeds, information about connected devices, and much more. To see what files are in the /proc directory, you need to run the command:
ls /proc/
To find out information about the processor, run the command:
cat /proc/cpuinfo
In my case, the output was like this (only part of the text information is shown):
processor: 0
vendor_id: AuthenticAMD
CPU family: 21
model: 1
model name: AMD FX(tm)-6100 Six-Core Processor
steps: 2
microcode: 0x6000629
cpu MHz: 1400.000
cache size: 2048 KB
physical id: 0
siblings: 6
core id: 0
CPU cores: 3
apicid: 16
initial apicid: 0
fpu:yes
fpu_exception: yes
cpuid level: 13
wp:yes
To find out the battery status of a laptop, you need to run the following command:
cat /proc/acpi/battery/BAT0/info
To find out information about all connected USB devices, you need to use the utility lsusb. Run the command:
lsusb
Bus 003 Device 004: ID 13fe:4100 Kingston Technology Company Inc.
Bus 003 Device 003: ID 125f:c96a A-DATA Technology Co., Ltd. C906 Flash Drive
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 004: ID 058f:6361 Alcor Micro Corp. Multimedia Card Reader
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 005 Device 002: ID 046d:c05a Logitech, Inc. M90/M100 Optical Mouse
Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 011 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 010 Device 003: ID 04d9:1702 Holtek Semiconductor, Inc.
Bus 010 Device 002: ID 046d:0829 Logitech, Inc.
Bus 010 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 009 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 008 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
And finally, a couple of utilities for obtaining information about hard drives. Utility hdparm adjusts and views the parameters of hard drives with an ATA interface. It can set parameters such as drive cache size, sleep mode, power management, acoustics management, and DMA settings. To find out information about connected hard drives, run the command:
sudo hdparm -I /dev/sda
With this command, we will find out information about your hard drive /dev/sda. Here is part of the output:
ATA device, with non-removable media
Model Number: WDC WD6400AARS-00Y5B1
Serial Number: WD-WCAV5D714851
Firmware Revision: 80.00A80
Transport: Serial, SATA 1.0a, SATA II Extensions, SATA Rev 2.5, SATA Rev 2.6
Standards:
Supported: 8 7 6 5
Likely used: 8
configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
—
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 1250263728
Logical/Physical Sector size: 512 bytes
If the program is not installed, then run the command in the Terminal:
sudo apt-get install hdparm
fdisk -l
As a result, we will see a list of all connected hard drives, flash drives and memory cards. We will also see how many partitions have been created on the disk.
Disk /dev/sda: 640.1 GB, 640135028736 bytes
255 heads, 63 sectors/tracks, 77825 cylinders, total 1250263728 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Drive ID: 0x0009d6f7
Load Device Start End Blocks Id System
/dev/sda1 * 2048 61441501 30719727 83 Linux
/dev/sda2 61442048 73730031 6143992 82 Linux swap / Solaris
/dev/sda3 73730048 1250263039 588266496 83 Linux
That's all and good luck to everyone!
—————————————————————————
Handsome ÁKOS from the popular Hungarian band Bonanza Banzai
It is at the boot stage that many errors in services or equipment can occur. Looking through these messages can be very helpful. But they go by very quickly and we can't always read them. But they can all be viewed with the command dmesg.
During system boot, while the kernel is being loaded, the initialization system, drivers, kernel modules, equipment is being initialized, a large number of messages are displayed on the screen that display information about the state of the kernel, the boot process, and the state of devices.
It is at the boot stage that many errors in services or equipment can occur. Looking through these messages can be very helpful. But they go by very quickly and we can't always read them. But they can all be viewed with the dmesg command.
By running the dmesg command as root, you will get all the messages that the kernel printed during boot. Here you can see a lot of useful information. You can just go through them one line at a time and try to figure out what they mean. Now that you know what messages look like when loaded, you can easily deal with many problems if they arise.
$dmesg | more [ 0.000000] microcode: CPU0 microcode updated early to revision n 0x29, date = 2013-06-12 [ 0.000000] Initializing cgroup subsys cpuset [ 0.000000] Initializing cgroup subsys cpu [ 0.000000] Initializing cgroup subsys cpuacct [ 0.000000] Linux version 4. 1. 20-11-default() (gcc version 4.8.5 (SUSE Linux)) #1 SMP PREEMPT Fri Mar 18 14:42:07 UTC 2016 (0a392b2)
With dmesg you can see the amount of memory available on the system:
$dmesg | grep Memory
0.000000] Memory: 3848228K/4006256K available (6567K kernel code, 1085K rwdata, 4852K rodata, 1560K init, 1520K bss, 158028K reserved, 0K cma-reserved)
Since all device status messages are stored in dmesg, we can look at the status of the network adapter, or perhaps errors that occurred during its initialization:
$dmesg | grep eth [ 101.043873] tg3 0000:02:00.0 eth0: Link is up at 100 Mbps, full duplex [ 101.043885] tg3 0000:02:00.0 eth0: Flow control is off for TX and off for RX [ 101.043889] tg3 0000: 02 :00.0 eth0: EEE is disabled [ 101.043909] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
If you feel that the default size of the dmesg buffer is not enough, you can change its size to increase the number of messages that can be there at the same time. To do this, just edit the file and restart your computer.
$ vi /boot/config-4.1.20-11-default CONFIG_LOG_BUF_SHIFT=18
Change the value of the parameter of this line to the desired one, by default I use 18, which means that a buffer of 18 kilobytes in size will be created. But you can specify the buffer size you want.
Sometimes it may be necessary to clear the Dmesg buffer so that unnecessary messages do not get confused at hand. You can do this with the following command:
$ dmesg -c
Now if you run the dmesg command again, the buffer will be empty.
As you can see, by default there are no dates in dmesg, just a label, a time offset from the start of the download. But it is also possible to see the full date and time of each message. To do this, see the /var/log/kern.log file:
$dmesg | grep "L2 cache" Oct 18 23:55:40 ubuntu kernel: [ 0.014681] CPU: L2 cache: 2048K
For everything to work, the klogd service must be configured and running.
With such a simple combination, you can see all the errors that occurred during boot or system operation:
$dmesg | grep error
Let's consider a small example. Let's say my Wi-Fi doesn't work. I know that there is an adapter in the computer, it is turned on and everything works in Windows. But not now. We look at the dmesg log and see:
[ 21.772824] b43-phy0 ERROR: Firmware file "b43/ucode15.fw" not found [ 21.772842] b43-phy0 ERROR: Firmware file "b43-open/ucode15.fw" not found [ 21.772852] b43-phy0 ERROR: Please open a terminal and enter the command "sudo /usr/sbin/install_bcm43xx_firmware" to download the correct firmware for this driver version. For an off-line installation, go to and follow the instructions in the "Installing firmware from RPM packages" section.
From the message, we understand that the problem is in the firmware, and the system even tells us which command can be used to solve it, or where to read about setting up this case and download the necessary files. Thus, the problem that seemed unsolvable was solved in a few minutes. Viewing Linux logs is a very useful thing, don't forget to use it. That's all, if you have any questions, write in the comments!
