我正在尝试排除一个命令的故障,该命令似乎可以干净地退出,但显然会生成某种日志输出/var/log/syslog。此外,还有什么工具或命令可以用来自动抓取此命令生成的日志消息并在命令退出后将其输出到终端?
答案1
glogg是一款方便的工具,可以放大选定日志文件(如/var/log/syslog或/var/log/syslog.1)的特定点。这样可以轻松查看所需事件之前/之后立即发生的情况。
glogg is a multi-platform GUI application to browse and search through long or
complex log files. It is designed with programmers and system administrators
in mind and can be seen as a graphical, interactive combination of grep and
less.
Main features include:
* Accept egrep regular expression to search or filter the log.
* Interactively display results of the search in a second, filtered window.
* Colorize the log and the search results.
* Read the file directly from disk, without loading it into memory.
* Happily handle big (>4 GiB) files.
* Read UTF-8 and ISO-8859-1 encoded files.
* Follow a log in real-time as it is written to disk.
* Allow one to insert marks in the logs to interesting lines.
* Support less/vim like keyboard commands to move around the file.
sudo apt-get update#更新软件数据库
sudo apt-get install glogg# 安装 glogg
答案2
使用 journalctl 你可以传递二进制文件作为参数:
journalctl --follow /path/to/binary
模式或标识符:
journalctl --follow --grep='pattern'# 参见 pcre2pattern(3)
journalctl --follow --identifier dbus-daemon
当前命令:
(logger --id "test" & sleep 0.1 && journalctl --quiet _PID=$!)
(logger --id "test" & sleep 0.1 && grep -F "[$!]" /var/log/syslog)