Quick: What's the first thing you do when you need to troubleshoot a Linux server? If you answered, "Check log files," give yourself a cookie because you answered correctly.
A follow up question: What do you do when you need to watch those log files in real time? Do you view that log with the less command and continue a cycle of closing and opening and closing and opening that file until you see what you need? Or do you make use of what many would consider to be a must-use tool within the world of Linux?
Spoiler alert, it's the latter. The tool in question is called tail. With tail, you can view a Linux log file as the system writes to it in real time. So while you're trying to troubleshoot that system, you can follow the syslog, the auth.log, faillog, kern.log, or whatever logfile you need to watch. But how do you do this? Let me show you.
Log into your Linux system. Let's say we're going to want to watch syslog for anything out of the ordinary. From the bash prompt, issue the command sudo tail -f /var/log/syslog. Once you've successfully typed your sudo password, you will see that log file presented to you, in real time. Whenever activity is recorded (such as a user logging in), you will see it appear in the window. Keep watching with tail until you see the output you need to troubleshoot your system. When you're finished, hit the control X key combination and you're back to the bash prompt.
With the help of the tail command, troubleshooting Linux servers can be made much more simple. Consider this one of those must-know commands. And don't forget, for more information about tail, issue the command man tail, so you can get the most out of this tool.
- To capture more of the desktop market, Linux needs to target the average user (TechRepublic)
- How to easily add an SSH fingerprint to your known_hosts file in Linux (TechRepublic)
- How to run a network speed test from a headless Linux server (TechRepublic)
- How to send messages to users logged into your Linux machines (TechRepublic)
- How to use the nmcli command to gather network device information on Linux (TechRepublic)
- How to add a repository on your Linux machine (TechRepublic Video)
- Open-source Exim remote attack bug: 400,000 servers still vulnerable, patch now (ZDNet)
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.