I. BACKGROUND
Linux logs a large number of events to disk, most of which are stored in plain text in the/var/log directory. Most log entries are syslogd through the System log daemon and are written to the system log.
Ubuntu includes methods for viewing these logs graphically or from the command line. You can also write your own log messages to the system log, which is especially useful in scripts.
Second, view the log in a graphical way
To view the log files using an easy-to-use graphical application, open the log File Viewer application from Dash.
The log file Viewer displays multiple logs by default, including System log (syslog), Package Manager log (dpkg.log), authentication log (Auth.log), and Graphics server log (Xorg.0.log). You can view all the logs in a single window, and when you add a new log event, it will automatically appear in the window and will be bold. You can also press Ctrl+f to search for log messages or filter logs using the Filter menu.
If you have other log files to view (for example, a specific application's log file), you can click the File menu, select Open, and then open the log file. It will be displayed with other log files in the list and will be monitored and updated automatically, such as other logs.
Third, write the system log
the logger tool allows you to quickly write mail to your system log with a single, simple command. For example, to write the message Hello World to your system log, use the following command:
Logger "Hello World"
You may also need to specify additional information, for example, if you use the Logger command in a script, you might need to include the name of the script:
Logger–t ScriptName "Hello World"
Iv. viewing logs in the terminal
The DMESG command displays the message buffer of the Linux kernel, which is stored in memory. Run this command and you will get a lot of output.
to filter this output and search for messages of interest to you, you can use the pipe grep:
DMESG | grep something
You can also use less for the output pipeline of the DMESG command , so you can scroll through the messages at your own pace. to exit less, press Q.
DMESG | Less
If a grep search produces a lot of results, you can export its output pipe with less:
DMESG | grep something | Less
In addition to opening the log file in/var/log in any text editor, you can use the cat command to print the contents of the log (or any other file) to the terminal:
cat/var/log/syslog
like the DMESG command above, this produces a lot of output. You can use the grep and less commands to handle the output:
grep something/var/log/syslog/var/log/syslog
other useful commands include the header and tail commands. the Tail command is particularly useful when you print the first n rows of a file, and the last n lines in the file are printed at the end, if you want to view the most recent log messages.
Head-n 10/var/log/syslog10/var/log/syslog
Some applications may not write to the system log, and may produce their own log files, which you can do in the same way, and usually can be found in the/var/log directory. For example, the Apache Web server creates a/var/log/apache2 directory that contains its logs.
Five, the common Log directory representative meaning
=/var/log/messages: General log Messages=/var/log/Boot: System boot Log=/var/log/Debug: Debug Log Messages= =/var/log/auth.Log : User logon and authentication log= =/var/log/daemon.log: Run squid,ntpd and other log messages to this file=/var/log/dmesg:linux kernel ring cache log= =/var/log/dpkg.log: All binary package logs include package installation and other information=/var/log/faillog: User logon log file failed= =/var/log/kern.log: Kernel log file= =/var/log/lpr.Log : Printer log file= =/var/log/mail.*: All mail Server message log files= =/var/log/mysql.*:mysql server log Files= =/var/log/user.Log : All user-level logs= =/var/log/xorg.0.log:x.org log file=/var/log/apache2/*:apache Web server log file directory=/var/log/lighttpd/*:lighttpd Web server log file directory=/var/log/fsck/*:fsck Command Log= =/var/log/apport.log: Application Crash report/log File
= =/var/log/syslog: System log
= =/VAR/LOG/UFW:UFW Firewall log
= =/VAR/LOG/GUFW:GUFW Firewall log#use the tail,more,less and grep commands. Tail-f/var/log/apport.Logmore/var/log/xorg.0.Logcat/var/log/mysql.errless/var/log/Messagesgrep-i fail/var/log/Boot
Reference:
https://www.howtogeek.com/117878/how-to-view-write-to-system-log-files-on-ubuntu/(most of the above content is translated from this article)
http://blog.csdn.net/nancygreen/article/details/9873895
Http://www.169it.com/article/6268721738005395678.html
Http://www.linuxidc.com/Linux/2015-04/116532.htm
Http://www.jb51.net/LINUXjishu/378593.html
https://www.cyberciti.biz/faq/ubuntu-linux-gnome-system-log-viewer/(The above log directory is transferred from this article)
Ubuntu viewing and writing system logs