Improve viewing logs using the command line

- A few rewrites - Shorten information on viewing plain-text logs as they are not default now.
2024-11-24 21:35:17 +00:00 · 2019-04-05 12:23:07 +01:00 · 2019-04-05 12:23:07 +01:00 · 0739eebefe
commit 0739eebefe
parent e8b87f113e
1 changed files with 36 additions and 44 deletions
--- a/modules/ROOT/pages/_partials/proc_log-files-command-line.adoc
+++ b/modules/ROOT/pages/_partials/proc_log-files-command-line.adoc
@ -1,66 +1,75 @@
 [id='using-the-command-line-to-view-log-files]
 = Using the command line to view log files

-You can use the command line to view logs in different ways, for example:
+The `journalctl` command can be to view messages in the system journal on the command line.
+For plain text log files, generic tools may be used:

-* Using the `*Journalctl*` command
-* Using the commands for viewing, for example `*cat*`, `*more*`, `*less*`, `*tail*`, or `*head*`
-* Combine the commands for viewing with the `*grep*` command
-* Using any kind of CLI/GUI editor.
+* `cat`, `more`, `less`, `tail`, or `head`.
+* the `grep` command to search for specific information.
+* any text editor of your choosing (nano/pico/vim/emacs)
+
+Please note that you may require `sudo` access to view these files.

 [id='using-journalctl-to-view-system-information']
-== Using journalctl to view system information.
+== Using journalctl to view system information

-* To view all collected logs with no filter:
+* To view all collected journal entries, simply use:
 ----
 $ journalctl
 ----

-* To view a specific log file, enter the `*journalctl*` command with a log filepath. The example command returns all logs of the kernel device node `/dev/sda`:
+* To view a logs related to a specific file, you can provide the `journalctl` command with a filepath.
+  The example shown below shows all logs of the kernel device node `/dev/sda`:
 ----
 $ journalctl /dev/sda
 ----

-* To view the boot logs, run the following command:
+* To view log for the current boot use the `-b` option :
+----
+$ journalctl -b
+----
+
+* To view kernel logs for the current boot, you can add the `-k` option:
 ----
 $ journalctl -k -b -1
 ----

+
 [id='using-journalctl-to-view-log-information-for-a-specific-service']
-== Using Journalctl to View Log Information for a Specific Service
+== Using journalctl to view log information for a specific service

-* To view the current Boot log use the `-b` option :
-
-* To view, With one match specified, all entries with a field matching the expression are shown:
+* To filter logs to only see ones matching the "foo" systemd service:
 ----
 $ journalctl -b _SYSTEMD_UNIT=foo
 ----

-* To view, If two different fields are matched, only entries matching both expressions at the same time are shown:
+* Matches can be combined.
+  For example, to view logs for systemd-units that match `foo`, and the PID `number`:
 ----
 $ journalctl -b _SYSTEMD_UNIT=foo _PID=number
 ----

-* To view If two matches refer to the same field, all entries matching either expression are shown:
----
-$ journalctl -b _SYSTEMD_UNIT=foo _SYSTEMD_UNIT=foo1
----
-
-* To view, If the separator "+" is used, two expressions may be combined in a logical OR. The following will show all messages from the `*foo*` service process with the `*PID*` plus all messages from the `*foo1*` service (from any of its processes):
+* If the separator "+" is used, two expressions may be combined in a logical OR.
+  For example, to view all messages from the `foo` service process with the `PID` plus all messages from the `foo1` service (from any of its processes):
 ----
 $ journalctl -b _SYSTEMD_UNIT=foo _PID=number + _SYSTEMD_UNIT=foo1
 ----

-NOTE: The files for service modification are stored in a directory within `*/etc/systemd/system*`, to know more about systemd <<understanding-and-administering-systemd.adoc#,Understanding Systemd Services>>
+* If two matches refer to the same field, all entries matching either expression are shown.
+  For example, this command will show logs matching a systemd-unit `foo` or a systemd-unit `foo1`:
+----
+$ journalctl -b _SYSTEMD_UNIT=foo _SYSTEMD_UNIT=foo1
+----
+
+
+NOTE: The files for service modification are stored in a directory within `*/etc/systemd/system*`, to know more about systemd, please refer to <<understanding-and-administering-systemd.adoc#Understanding Systemd Services>>

 [id='Using-journalctl-to-view-older-logs']
-== Using Journalctl to View Older Logs 
+== Using journalctl to view older logs

 * To view older logs use the `--list-boots` option :

-Show a tabular list of boot numbers, their IDs, and the timestamps of the first and last message pertaining to the boot.
-
-Example :
+This will show a tabular list of boot numbers, their IDs, and the timestamps of the first and last message pertaining to the boot:

 ----
 $ journalctl --list-boots
@ -68,30 +77,13 @@ $ journalctl --list-boots
 -7 c110d2b8705345b786fe310de628bfc7 Tue 2018-11-13 10:29:27 CET—Tue 2018-11-13 10:04:00 CET
 ----

-with this ID you can use `*journalctl*` as usual :
+with this ID you can use `journalctl` as usual :

 ----
 $ journalctl --boot=ID _SYSTEMD_UNIT=foo
 ----

-* To know more about `*journalctl*`, read the man page:
+* To know more about `journalctl`, read the man page:
 ----
 $ man journalctl
 ----
-
-[id='using-any-kind-CLI/GUI-editor-for-view-logs']
-== Using any kind of CLI/GUI editor for View-Logs
-
-All logs are plain text, so you can use diferent utils to view them.
-
-[id='using-CLI-editor-in-Terminal']
-=== Using any CLI editor in Terminal
-
-* To open, Just use (nano/pico/vim/nvim/emacs) for name a few.
-
-[id='using-GUI-editor-in-terminal']                                    
-=== Using any GUI editor in Terminal
-
-* To open, Just use (gvim/gedit/geany) for name a few.
-
-NOTE: Both method usually requires `*sudo*` access.