In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article is about how to understand the LINUX log, the editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article.
Everyone who uses UNIX/LINUX knows the use of logs, do you know the context of LINUX log information processing?
I finally have some experience through the stubbornness of the source code for nearly a month.
We can see that there are basically two ways to log LINUX system information:
1 > dmesg View-this command is quite common
2 > Files under / var/log/
Then we will start from these two ways and go on step by step.
First of all, let's take a look at what is hidden behind the common command dmesg!
1 > Let's MAN this guy first.
-man dmesg
-man dmesg
NAME
Dmesg-print or control the kernel ring buffer
SYNOPSIS
Dmesg [- c] [- n level] [- s bufsize]
DESCRIPTION
Dmesg is used to examine or control the kernel ring
Buffer.
The program helps users to print out their bootup mes-
Sages. Instead of copying the messages by hand, the user
Need only:
Dmesg > boot.messages
And mail the boot.messages file to whoever can debug their
Problem.
OPTIONS
-c Clear the ring buffer contents after printing.
-sbufsize
Use a buffer of size bufsize to query the kernel
Ring buffer. This is 16392 by default. (The
Default kernel syslog buffer size was 4096 at
First, 8192 since 1.3.54, 16384 since 2.1.113.) If
You have set the kernel buffer to be larger than
The default then this option can be used to view
The entire buffer.
-nlevel
Set the level at which logging of messages is done
To the console. For example,-n 1 prevents all
Messages, expect panic messages, from appearing on
The console. All levels of messages are still
Written to / proc/kmsg, so syslogd (8) can still be
Used to control exactly where kernel messages
Appear. When the-n option is used, dmesg will not
Print or clear the kernel ring buffer.
When both options are used, only the last option on
The command line will have an effect.
From the manual provided by LINUX, we can know that one of the most important information dmesg reads from kernel's ring buffer (Ring buffer Zone).
-over man--
-over man--
2 > then what is ring buffer?
In LINUX, all system information (package kernel information) is transmitted to ring buffer. The information generated by the kernel is printed out by printk (). The information you see when the system starts is printed to the screen by this function. The messages typed by printk () often use... The numbers here indicate the importance of the message. Higher than a certain priority will be printed to the screen, otherwise it will only be retained in the system buffer (ring buffer).
As for how dmesg is read from ring buffer, you can look at the dmesg.c source code. It's short and easy to read.
What's wrong with dmesg should be clear to everyone. As for the documents under / var/log/, we are all too familiar with them.
1 > / var/log/.. Why are there so many documents?
The syslogd daemon records the Log generated by different services in different files according to / etc/syslog.conf.
I will not elaborate on the / etc/syslog.conf here, a lot of information about this (check it out).
2 > now that we know, / var/log/.. Is generated by the syslogd daemon. Then follow this line again.
After the LINUX system starts, / etc/init.d/sysklogd starts two klogd,syslogd daemons successively.
Where klogd will get the kernel printk () from the system buffer (ring buffer) through the syslog () system call or read the proc file system.
A message sent out. Syslogd reads the kernel information of the system through klogd.
I think at this point, everyone's psychology should feel a series of actions such as log generation, reading and so on. If not, please check your IQ.
For people who don't understand:
To sum up:
1 > all system information is output to ring buffer. Dmesg display is also read from ring buffer.
2 > on the LINUX system, / etc/init.d/sysklogd starts two daemons: Klogd&&Syslogd
3 > klogd is responsible for reading kernel information. There are two ways:
Syslog () system call (this function is fully used, let's go to MAN to have a look)
Read / proc/kmsg directly (again, / proc/kmsg is a place where kernel information is output)
4 > the output of Klogd will be sent to syslogd for processing, and syslogd will send log according to the configuration of / etc/syslog.conf.
The information is output to different files under / var/log/.
Redhat linux knowledge base
The above is how to understand the LINUX log, the editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 250
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.