Linux logs a large amount of events to the disk, where they’re mostly stored in the /var/log directory in plain text. Most log entries go through the system logging daemon, syslogd, and are written to the system log.

Linux将大量事件记录到磁盘上，这些事件通常以纯文本格式存储在/ var / log目录中。 大多数日志条目都通过系统日志记录守护程序syslogd写入系统日志。

Ubuntu includes a number of ways of viewing these logs, either graphically or from the command-line. You can also write your own log messages to the system log — particularly useful in scripts.

Ubuntu提供了多种以图形方式或从命令行查看这些日志的方式。 您还可以将自己的日志消息写入系统日志-在脚本中特别有用。

以图形方式查看日志 (Viewing Logs Graphically)

To view log files using an easy-to-use, graphical application, open the Log File Viewer application from your Dash.

要使用易于使用的图形应用程序查看日志文件，请从Dash中打开“日志文件查看器”应用程序。

The Log File Viewer displays a number of logs by default, including your system log (syslog), package manager log (dpkg.log), authentication log (auth.log), and graphical server log (Xorg.0.log). You can view all the logs in a single window – when a new log event is added, it will automatically appear in the window and will be bolded. You can also press Ctrl+F to search your log messages or use the Filters menu to filter your logs.

日志文件查看器默认显示许多日志，包括系统日志(syslog)，程序包管理器日志(dpkg.log)，身份验证日志(auth.log)和图形服务器日志(Xorg.0.log)。 您可以在一个窗口中查看所有日志–添加新的日志事件后，该事件将自动出现在窗口中并以粗体显示。 您也可以按Ctrl + F来搜索日志消息，或使用“过滤器”菜单过滤日志。

If you have other log files you want to view – say, a log file for a specific application – you can click the File menu, select Open, and open the log file. It will appear alongside the other log files in the list and will be monitored and automatically updated, like the other logs.

如果您要查看其他日志文件(例如，特定应用程序的日志文件)，则可以单击“文件”菜单，选择“打开”，然后打开日志文件。 它会与列表中的其他日志文件一起显示，并且会像其他日志一样受到监视和自动更新。

写入系统日志 (Writing to the System Log)

The logger utility allows you to quickly write a message to your system log with a single, simple command. For example, to write the message Hello World to your system log, use the following command:

logger实用程序使您可以通过一个简单的命令将消息快速写入系统日志。 例如，要将消息“ Hello World”写到系统日志中，请使用以下命令：

logger “Hello World”

记录器“ Hello World”

You may also wish to specify additional information – for example, if you’re using the logger command within a script, you may want to include the name of the script:

您可能还希望指定其他信息–例如，如果在脚本中使用logger命令，则可能要包括脚本名称：

logger –t ScriptName “Hello World”

记录器–t ScriptName“ Hello World”

在终端中查看日志 (Viewing Logs in the Terminal)

The dmesg command displays the Linux kernel’s message buffer, which is stored in memory. Run this command and you’ll get a lot of output.

dmesg命令显示Linux内核的消息缓冲区，该消息缓冲区存储在内存中。 运行此命令，您将获得大量输出。

To filter this output and search for the messages you’re interested in, you can pipe it to grep:

要过滤此输出并搜索您感兴趣的消息，可以将其通过管道传递给grep ：

dmesg | grep something

dmesg | grep的东西

You can also pipe the output of the dmesg command to less, which allows you to scroll through the messages at your own pace. To exit less, press Q.

您还可以将dmesg命令的输出传递给less ，这使您可以按自己的步调滚动消息。 要少退出，请按Q。

dmesg | less

dmesg | 减

If a grep search produces a large amount of results, you can pipe its output to less, too:

如果grep搜索产生大量结果，则也可以将其输出传递给以下内容：

dmesg | grep something | less

dmesg | grep的东西| 减

In addition to opening the log files located in /var/log in any text editor, you can use the cat command to print the contents of a log (or any other file) to the terminal:

除了在任何文本编辑器中打开/ var / log中的日志文件之外，您还可以使用cat命令将日志(或任何其他文件)的内容打印到终端：

cat /var/log/syslog

猫/ var / log / syslog

Like the dmesg command above, this will produce a large amount of output. You can use the grep and less commands to work with the output:

像上面的dmesg命令一样，这将产生大量输出。 您可以使用grep和less命令来处理输出：

grep something /var/log/syslog

grep的东西/ var / log / syslog

less /var/log/syslog

少/ var / log / syslog

Other useful commands include the head and tail commands. head prints the first n lines in a file, while tail prints the last n lines in the file – if you want to view recent log messages, the tail command is particularly useful.

其他有用的命令包括head和tail命令。 head打印文件的前n行，而tail打印文件的后n行–如果要查看最近的日志消息，tail命令特别有用。

head -n 10 /var/log/syslog

头-n 10 / var / log / syslog

tail -n 10 /var/log/syslog

尾-n 10 / var / log / syslog

Some applications may not write to the system log and may produce their own log files, which you can manipulate in the same way – you’ll generally find them in the /var/log directory, too. For example, the Apache web server creates a /var/log/apache2 directory containing its logs.

某些应用程序可能不会写入系统日志，并且可能会生成它们自己的日志文件，您可以用相同的方式对其进行操作-通常您也可以在/ var / log目录中找到它们。 例如，Apache Web服务器创建一个包含其日志的/ var / log / apache2目录。

翻译自: