LoggingThe Ultimate Guide

your open-source resource for understanding, analyzing, and troubleshooting system logs

curated byloggly

Systemd

Using systemctl

Systemctl is a very powerful Linux utility that comes with systemd. It comes with a long list of options for different functionality, the most common of which are starting, stopping, restarting or reloading a daemon. In the following examples, we will see how we can use systemctl for some of the troubleshooting purposes. Listing Units To check which services are installed in the local Linux system, execute this command (we...

Systemd

Managing Journal Size

We saw how systemd journal size can be controlled with configuration parameters. Even with default configuration values, systemd-journald will ensure that older journal records or journal files are deleted to keep the correct amount of disk space free. We can also use some of the options of journalctl to manage the journal. To check how much disk space is currently taken up by the journal, use the –disk-usage parameter: ...

Systemd

Linux Logging with Systemd

Systemd is the new system and service manager for Linux. It has become the de facto system management daemon in various Linux distributions in recent years. Systemd was first introduced in Fedora. Other distributions like Arch Linux, openSUSE or CoreOS have already made it part of their operating systems. Red Hat Enterprise Linux (RHEL) and its downstream distros like CentOS started to use systemd natively from version 7. Another major...

Systemd

Using journalctl

Like systemctl, journalctl is also a systemd utility. It’s used for querying and displaying messages from the journal. Since the journal  comprises of one or more binary files, journalctl is the standard way to read messages from it. In the following paragraphs, we will see how journalctl can be used with some of its parameters. Each parameter can be used on its own or combined with other parameters to further...

Systemd

Centralizing with Syslog

The syslog protocol is often useful for sending logs to external locations such log management systems or legacy systems. However, since syslog is text-based and the systemd journal is in binary format, there is no simple one-to-one relationship between these two. Using ForwardToSyslog Syslog is still part of Linux distributions that incorporate systemd natively, and as we saw before, journal events can be forwarded to syslog with a simple configuration change....

This guide will help software developers and system administrators become experts at using logs to better run their systems. This is a vendor-neutral, community effort featuring examples from a variety of solutions. Each guide includes:

  • A basic overview of what’s in the logs and where to find them
  • How to search or analyze logs to find valuable information
  • How to troubleshoot common issues and find the root cause
  • How to centralize or aggregate logs in a large distributed system

This guide will help software developers and system administrators become experts at using logs to better run their systems. This is a vendor-neutral, community effort featuring examples from a variety of solutions

Meet Our Contributors Become a contributor