Linux logs a large amount of events to the disk, where they’re mostly stored in the /var/log directory in plain text. Most log entries go through the system logging daemon, syslogd, and are written to the system log.

Linux將大量事件記錄到磁盤上，這些事件通常以純文本格式存儲在/ var / log目錄中。 大多數日志條目都通過系統日志記錄守護程序syslogd寫入系統日志。

Ubuntu includes a number of ways of viewing these logs, either graphically or from the command-line. You can also write your own log messages to the system log — particularly useful in scripts.

Ubuntu提供了多種以圖形方式或從命令行查看這些日志的方式。 您還可以將自己的日志消息寫入系統日志-在腳本中特別有用。

以圖形方式查看日志 (Viewing Logs Graphically)

To view log files using an easy-to-use, graphical application, open the Log File Viewer application from your Dash.

要使用易于使用的圖形應用程序查看日志文件，請從Dash中打開“日志文件查看器”應用程序。

The Log File Viewer displays a number of logs by default, including your system log (syslog), package manager log (dpkg.log), authentication log (auth.log), and graphical server log (Xorg.0.log). You can view all the logs in a single window – when a new log event is added, it will automatically appear in the window and will be bolded. You can also press Ctrl+F to search your log messages or use the Filters menu to filter your logs.

日志文件查看器默認顯示許多日志，包括系統日志(syslog)，程序包管理器日志(dpkg.log)，身份驗證日志(auth.log)和圖形服務器日志(Xorg.0.log)。 您可以在一個窗口中查看所有日志–添加新的日志事件后，該事件將自動出現在窗口中并以粗體顯示。 您也可以按Ctrl + F來搜索日志消息，或使用“過濾器”菜單過濾日志。

If you have other log files you want to view – say, a log file for a specific application – you can click the File menu, select Open, and open the log file. It will appear alongside the other log files in the list and will be monitored and automatically updated, like the other logs.

如果您要查看其他日志文件(例如，特定應用程序的日志文件)，則可以單擊“文件”菜單，選擇“打開”，然后打開日志文件。 它會與列表中的其他日志文件一起顯示，并且會像其他日志一樣受到監視和自動更新。

寫入系統日志 (Writing to the System Log)

The logger utility allows you to quickly write a message to your system log with a single, simple command. For example, to write the message Hello World to your system log, use the following command:

logger實用程序使您可以通過一個簡單的命令將消息快速寫入系統日志。 例如，要將消息“ Hello World”寫到系統日志中，請使用以下命令：

logger “Hello World”

記錄器“ Hello World”

You may also wish to specify additional information – for example, if you’re using the logger command within a script, you may want to include the name of the script:

您可能還希望指定其他信息–例如，如果在腳本中使用logger命令，則可能要包括腳本名稱：

logger –t ScriptName “Hello World”

記錄器–t ScriptName“ Hello World”

在終端中查看日志 (Viewing Logs in the Terminal)

The dmesg command displays the Linux kernel’s message buffer, which is stored in memory. Run this command and you’ll get a lot of output.

dmesg命令顯示Linux內核的消息緩沖區，該消息緩沖區存儲在內存中。 運行此命令，您將獲得大量輸出。

To filter this output and search for the messages you’re interested in, you can pipe it to grep:

要過濾此輸出并搜索您感興趣的消息，可以將其通過管道傳遞給grep ：

dmesg | grep something

dmesg | grep的東西

You can also pipe the output of the dmesg command to less, which allows you to scroll through the messages at your own pace. To exit less, press Q.

您還可以將dmesg命令的輸出傳遞給less ，這使您可以按自己的步調滾動消息。 要少退出，請按Q。

dmesg | less

dmesg | 減

If a grep search produces a large amount of results, you can pipe its output to less, too:

如果grep搜索產生大量結果，則也可以將其輸出傳遞給以下內容：

dmesg | grep something | less

dmesg | grep的東西| 減

In addition to opening the log files located in /var/log in any text editor, you can use the cat command to print the contents of a log (or any other file) to the terminal:

除了在任何文本編輯器中打開/ var / log中的日志文件之外，您還可以使用cat命令將日志(或任何其他文件)的內容打印到終端：

cat /var/log/syslog

貓/ var / log / syslog

Like the dmesg command above, this will produce a large amount of output. You can use the grep and less commands to work with the output:

像上面的dmesg命令一樣，這將產生大量輸出。 您可以使用grep和less命令來處理輸出：

grep something /var/log/syslog

grep的東西/ var / log / syslog

less /var/log/syslog

少/ var / log / syslog

Other useful commands include the head and tail commands. head prints the first n lines in a file, while tail prints the last n lines in the file – if you want to view recent log messages, the tail command is particularly useful.

其他有用的命令包括head和tail命令。 head打印文件的前n行，而tail打印文件的后n行–如果要查看最近的日志消息，tail命令特別有用。

head -n 10 /var/log/syslog

頭-n 10 / var / log / syslog

tail -n 10 /var/log/syslog

尾-n 10 / var / log / syslog

Some applications may not write to the system log and may produce their own log files, which you can manipulate in the same way – you’ll generally find them in the /var/log directory, too. For example, the Apache web server creates a /var/log/apache2 directory containing its logs.

某些應用程序可能不會寫入系統日志，并且可能會生成它們自己的日志文件，您可以用相同的方式對其進行操作-通常您也可以在/ var / log目錄中找到它們。 例如，Apache Web服務器創建一個包含其日志的/ var / log / apache2目錄。

翻譯自: https://www.howtogeek.com/117878/how-to-view-write-to-system-log-files-on-ubuntu/