So how do you find an alert or warning words in a log file over text based session? Simply use old good grep command. Usually I recommend searching following words
=> fail
=> denied
=> segfault
=> segmentation
=> rejected
=> oops
=> warn
Find an alert or warning words from log files
You need to use grep command:
grep {search-word} /path/to/log/file
Find out all segfault error from /var/log/messages file, enter the following command as privileged user:
# grep -i segfault /var/log/messages
Output:
Sep 23 12:20:09 node10 kernel: mutt[8896]: segfault at 0000000000000010 rip 0000000000439d5e rsp 00007fff36a30040 error 6 Sep 24 12:20:10 node10 kernel: mutt[20107]: segfault at 0000000000000010 rip 0000000000439d5e rsp 00007fffd99dbac0 error 6 Sep 25 12:20:09 node10 kernel: mutt[19734]: segfault at 0000000000000010 rip 0000000000439d5e rsp 00007fff5d807290 error 6
Look like node10's mutt command generated segfault error while sending daily reports attachment via email.
GUI Tools
System Log Viewer is a graphical, menu-driven viewer that you can use to view and monitor your system logs. System Log Viewer comes with a few functions that can help you manage your logs, including a calendar, log monitor and log statistics display.
Redhat / CentOS tool
Redhat (RHEL) Linux offers gui tool called Log Viewer. Type the redhat-logviewer command at a shell prompt or use GUI menus to start the same. You can set filter words (alter words) by clicking on Edit > Preferences menu > Alter tab > Add button
Debian / Ubuntu tool
Debian / Ubuntu Linux also offers GUI tool to view and search log files by setting filters. Click on Applications menu > Choose System Tools > Admin > System Log.
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 4 comments… read them below or add one }
It would be quicker and easier if you were to do something like this.
egrep '(fail|denied|segfault|segmentation|reject|oops|warn)' /var/log/messages
I find when I’m looking for problems it is easier to look for that. However I enjoy reading your tips.
Hi, thanks for sharing the “grep” command string.
I did do a: grep -i access.log
where I placed the ip address in the “”, however, it takes some time to show some results, especially if the access.log file, for instance in this case, is very very large (gigabytes in size), and also, I know for a fact that the ip address I’m searching is towards the end of the access.log file, so I have to wait for the search to finish from the beginning up until the end.
Does anyone have a command to make it search from a certain section of the access.log file, OR, search from going backwards?
Thanks,
RLTF
Correction, I did a “grep -i access.log”
Hmm.. it’s not showing the “open carrot ipaddress closed carrot” <- this is why I spelled it…
It's suppose to be "grep -i ipaddress access.log"