ubuntu服务日志分析——journalctl

已于 2024-01-15 10:18:57 修改
阅读量847 收藏 7
点赞数 7
文章标签: ubuntu 数据库 linux
于 2024-01-15 10:03:14 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/kevin_IoT/article/details/135594439
版权

简介

对于使用 systemd 服务的 Linux 发行版来说,journalctl 命令提供了详细且经过筛选的日志视图,是获取 Linux 重启历史记录的得力工具

systemd帮助我们记录了系统在运行过程中的所有日志信息,无论是重启前还是重启后,都会有保留。一般情况下, 我们通常到/var/log/xxx.log挨个找日志记录,有时候日志会被压缩,或者日志分配在不同的文件,分析起来很费劲。

systemd提供的journalctl很好的帮助我们解决了以上问题。

常用方法

  1. 获取boot信息
[ 2023-12-07 10:58:31 ] root@localhost:~# journalctl --list-boots
[ 2023-12-07 10:58:31 ] -3 7846f4280f28422a96645143f1d966ed Thu 2023-12-07 09:58:34 CST—Thu 2023-12-07 10:24:25 CST
[ 2023-12-07 10:58:31 ] -2 b20eb9b7b2964138af04536608a5c712 Tue 2023-12-05 19:56:10 CST—Wed 2023-12-06 09:27:24 CST
[ 2023-12-07 10:58:31 ] -1 70d11f7975854356940968a86a2ba353 Thu 2023-12-07 10:25:58 CST—Thu 2023-12-07 10:44:25 CST
[ 2023-12-07 10:58:31 ]  0 598ad1e7586346c8a25bfc23bded7a6a Thu 2023-12-07 10:45:58 CST—Thu 2023-12-07 10:58:30 CST
  1. 获取某次boot的日志信息
root@localhost:~# journalctl --boot=70d11f7975854356940968a86a2ba353
-- Logs begin at Tue 2023-12-05 19:56:10 CST, end at Thu 2023-12-07 11:01:06 CST. --
12月 07 10:25:58 localhost kernel: Linux version 5.15.0-56-generic (buildd@lcy02-amd64-102) (gcc (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0, GNU ld (GNU Binutils for Ubuntu)>
12月 07 10:25:58 localhost kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-5.15.0-56-generic root=/dev/nvme0n1p3 ro console=tty0 console=ttyS0,115200n8 net.ifnames=0 bio>
12月 07 10:25:58 localhost kernel: KERNEL supported cpus:
12月 07 10:25:58 localhost kernel:   Intel GenuineIntel
12月 07 10:25:58 localhost kernel:   AMD AuthenticAMD
12月 07 10:25:58 localhost kernel:   Hygon HygonGenuine
12月 07 10:25:58 localhost kernel:   Centaur CentaurHauls
12月 07 10:25:58 localhost kernel:   zhaoxin   Shanghai  
12月 07 10:25:58 localhost kernel: x86/split lock detection: #AC: crashing the kernel on kernel split_locks and warning on user-space split_locks
12月 07 10:25:58 localhost kernel: x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
12月 07 10:25:58 localhost kernel: x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
12月 07 10:25:58 localhost kernel: x86/fpu: Enabled xstate features 0x3, context size is 576 bytes, using 'compacted' format.
12月 07 10:25:58 localhost kernel: signal: max sigframe size: 1520
12月 07 10:25:58 localhost kernel: BIOS-provided physical RAM map:
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009efff] usable
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x000000000009f000-0x00000000000fffff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x0000000000100000-0x0000000066f1ffff] usable
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x0000000066f20000-0x000000006941ffff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x0000000069420000-0x000000006969ffff] ACPI data
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000696a0000-0x000000006979ffff] ACPI NVS
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000697a0000-0x0000000069ffefff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x0000000069fff000-0x0000000069ffffff] usable
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x000000006a000000-0x000000006fbfffff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000c0000000-0x00000000cfffffff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000fe000000-0x00000000fe010fff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000fed00000-0x00000000fed00fff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000fed20000-0x00000000fed7ffff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x00000000ff000000-0x00000000ffffffff] reserved
12月 07 10:25:58 localhost kernel: BIOS-e820: [mem 0x0000000100000000-0x00000004903fffff] usable
12月 07 10:25:58 localhost kernel: NX (Execute Disable) protection: active
12月 07 10:25:58 localhost kernel: efi: EFI v2.70 by American Megatrends
12月 07 10:25:58 localhost kernel: efi: ACPI=0x6974a000 ACPI 2.0=0x6974a014 TPMFinalLog=0x6974d000 SMBIOS=0x69d6e000 SMBIOS 3.0=0x69d6d000 MEMATTR=0x644ef318 ESRT=0x660>
12月 07 10:25:58 localhost kernel: efi: seeding entropy pool
12月 07 10:25:58 localhost kernel: random: crng init done
12月 07 10:25:58 localhost kernel: secureboot: Secure boot disabled
12月 07 10:25:58 localhost kernel: SMBIOS 3.3.0 present.
12月 07 10:25:58 localhost kernel: DMI: To be filled by O.E.M To be filled by O.E.M/To be filled by O.E.M, BIOS 5.19 05/25/2023
12月 07 10:25:58 localhost kernel: tsc: Detected 2000.000 MHz processor
12月 07 10:25:58 localhost kernel: tsc: Detected 1996.800 MHz TSC
12月 07 10:25:58 localhost kernel: e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
12月 07 10:25:58 localhost kernel: e820: remove [mem 0x000a0000-0x000fffff] usable
12月 07 10:25:58 localhost kernel: last_pfn = 0x490400 max_arch_pfn = 0x400000000
12月 07 10:25:58 localhost kernel: x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT  
12月 07 10:25:58 localhost kernel: last_pfn = 0x6a000 max_arch_pfn = 0x400000000
12月 07 10:25:58 localhost kernel: esrt: Reserving ESRT space from 0x000000006609d498 to 0x000000006609d4d0.
12月 07 10:25:58 localhost kernel: e820: update [mem 0x6609d000-0x6609dfff] usable ==> reserved
12月 07 10:25:58 localhost kernel: e820: update [mem 0x6442d000-0x6442dfff] usable ==> reserved
12月 07 10:25:58 localhost kernel: secureboot: Secure boot disabled
12月 07 10:25:58 localhost kernel: RAMDISK: [mem 0x3bd68000-0x3fffdfff]
12月 07 10:25:58 localhost kernel: ACPI: Early table checksum verification disabled
12月 07 10:25:58 localhost kernel: ACPI: RSDP 0x000000006974A014 000024 (v02 ALASKA)
12月 07 10:25:58 localhost kernel: ACPI: XSDT 0x0000000069749728 0000D4 (v01 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: FACP 0x000000006969C000 000114 (v06 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: DSDT 0x0000000069654000 047264 (v02 ALASKA A M I    01072009 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: FACS 0x000000006979E000 000040
12月 07 10:25:58 localhost kernel: ACPI: MCFG 0x000000006969D000 00003C (v01 ALASKA A M I    01072009 MSFT 00000097)
12月 07 10:25:58 localhost kernel: ACPI: FIDT 0x0000000069653000 00009C (v01 ALASKA A M I    01072009 AMI  00010013)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x0000000069650000 0025EE (v02 CpuRef CpuSsdt  00003000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x000000006969E000 001CCD (v02 SaSsdt SaSsdt   00003000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x000000006964C000 0032CD (v02 INTEL  IgfxSsdt 00003000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: HPET 0x000000006964B000 000038 (v01 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: APIC 0x000000006964A000 00012C (v04 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: PRAM 0x0000000069649000 000030 (v01 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x0000000069648000 000EF4 (v02 ALASKA Ther_Rvp 00001000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x0000000069645000 002FC0 (v02 INTEL  xh_jslv2 00000000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: NHLT 0x0000000069643000 001771 (v00 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: LPIT 0x0000000069642000 000094 (v01 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x0000000069640000 000122 (v02 ALASKA TbtTypeC 00000000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: DBGP 0x000000006963F000 000034 (v01 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: DBG2 0x000000006963E000 000054 (v00 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x000000006963C000 0015AE (v02 ALASKA UsbCTabl 00001000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: DMAR 0x000000006963B000 000088 (v02 INTEL  EDK2     00000002      01000013)
12月 07 10:25:58 localhost kernel: ACPI: SSDT 0x000000006963A000 000144 (v02 Intel  ADebTabl 00001000 INTL 20191018)
12月 07 10:25:58 localhost kernel: ACPI: TPM2 0x0000000069639000 00004C (v04 ALASKA A M I    00000001 AMI  00000000)
12月 07 10:25:58 localhost kernel: ACPI: WSMT 0x0000000069641000 000028 (v01 ALASKA A M I    01072009 AMI  00010013)
12月 07 10:25:58 localhost kernel: ACPI: FPDT 0x0000000069638000 000044 (v01 ALASKA A M I    01072009 AMI  01000013)
12月 07 10:25:58 localhost kernel: ACPI: Reserving FACP table memory at [mem 0x6969c000-0x6969c113]
12月 07 10:25:58 localhost kernel: ACPI: Reserving DSDT table memory at [mem 0x69654000-0x6969b263]
12月 07 10:25:58 localhost kernel: ACPI: Reserving FACS table memory at [mem 0x6979e000-0x6979e03f]
12月 07 10:25:58 localhost kernel: ACPI: Reserving MCFG table memory at [mem 0x6969d000-0x6969d03b]
12月 07 10:25:58 localhost kernel: ACPI: Reserving FIDT table memory at [mem 0x69653000-0x6965309b]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x69650000-0x696525ed]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x6969e000-0x6969fccc]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x6964c000-0x6964f2cc]
12月 07 10:25:58 localhost kernel: ACPI: Reserving HPET table memory at [mem 0x6964b000-0x6964b037]
12月 07 10:25:58 localhost kernel: ACPI: Reserving APIC table memory at [mem 0x6964a000-0x6964a12b]
12月 07 10:25:58 localhost kernel: ACPI: Reserving PRAM table memory at [mem 0x69649000-0x6964902f]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x69648000-0x69648ef3]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x69645000-0x69647fbf]
12月 07 10:25:58 localhost kernel: ACPI: Reserving NHLT table memory at [mem 0x69643000-0x69644770]
12月 07 10:25:58 localhost kernel: ACPI: Reserving LPIT table memory at [mem 0x69642000-0x69642093]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x69640000-0x69640121]
12月 07 10:25:58 localhost kernel: ACPI: Reserving DBGP table memory at [mem 0x6963f000-0x6963f033]
12月 07 10:25:58 localhost kernel: ACPI: Reserving DBG2 table memory at [mem 0x6963e000-0x6963e053]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x6963c000-0x6963d5ad]
12月 07 10:25:58 localhost kernel: ACPI: Reserving DMAR table memory at [mem 0x6963b000-0x6963b087]
12月 07 10:25:58 localhost kernel: ACPI: Reserving SSDT table memory at [mem 0x6963a000-0x6963a143]
12月 07 10:25:58 localhost kernel: ACPI: Reserving TPM2 table memory at [mem 0x69639000-0x6963904b]
12月 07 10:25:58 localhost kernel: ACPI: Reserving WSMT table memory at [mem 0x69641000-0x69641027]
12月 07 10:25:58 localhost kernel: ACPI: Reserving FPDT table memory at [mem 0x69638000-0x69638043]
  1. 持续监控journal日志,再也不用tail -f xxxx文件了
root@localhost:~# journalctl -f
-- Logs begin at Wed 2023-12-06 11:17:50 CST. --
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5816 INFO][api_function.c:1830]API SERVER RECEIVE REQUEST TIME: [16:41:00]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5817 INFO][api_function.c:1830]API SERVER RECEIVE REQUEST TIME: [16:41:00]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5818 INFO][api_function.c:1830]API SERVER RECEIVE REQUEST TIME: [16:41:00]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5814 INFO][api_function.c:1830]API SERVER RECEIVE REQUEST TIME: [16:41:00]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5817 INFO][api_function.c:1831]API SERVER RECEIVE REQUEST DATA: [c8 00 00 00 6b 00 7c 7b 22 63 61 6c 6c 5f 62 61 63 6b 5f 6b 65 79 22 3a 22 47 45 54 5f 53 45 4e 53 4f 52 5f 46 41 4e 53 3a 37 37 61 35 32 37 37 38 2d 66 36 30 38 2d 34 32 33 38 2d 62 36 33 63 2d 36 30 39 37 31 64 63 64 37 38 37 38 22 2c 22 64 61 74 61 22 3a 7b 7d 2c 22 74 69 6d 65 5f 6f 75 74 22 3a 33 30 30 30 30 7d c9 ]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5818 INFO][api_function.c:1831]API SERVER RECEIVE REQUEST DATA: [c8 00 00 00 69 00 70 7b 22 63 61 6c 6c 5f 62 61 63 6b 5f 6b 65 79 22 3a 22 47 45 54 5f 42 4d 43 5f 49 4e 46 4f 53 3a 64 65 61 30 61 63 38 37 2d 38 35 34 32 2d 34 66 64 32 2d 61 30 37 35 2d 62 36 64 66 61 30 62 64 32 38 35 35 22 2c 22 64 61 74 61 22 3a 7b 7d 2c 22 74 69 6d 65 5f 6f 75 74 22 3a 33 30 30 30 30 7d c9 ]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5818 INFO][api_function.c:1832]API SERVER RECEIVE REQUEST FRAME_HEAD: [0xc8]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5818 INFO][api_function.c:1833]API SERVER RECEIVE REQUEST FRAME_LENGTH: [105]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5818 INFO][api_function.c:1834]API SERVER RECEIVE REQUEST FRAME_TYPE: [0x70]
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5818 INFO][api_function.c:1835]API SERVER RECEIVE REQUEST JSON: 
                                                        {"call_back_key":"GET_BMC_INFOS:dea0ac87-8542-4fd2-a075-b6dfa0bd2855","data":{},"time_out":30000}

// 自定义输出的日志等级
// "alert" (1), "crit" (2), "err" (3), "warning" (4), "notice" (5), "info" (6), "debug" (7)
root@localhost:~# journalctl -f -p 3
-- Logs begin at Wed 2023-12-06 11:17:50 CST. --
12月 06 16:40:56 localhost mgmt[5780]: [5780 : 5786 ERROR][switch_sock.c:376]connect failed. switch_id:10
12月 06 16:40:56 localhost mgmt[5780]: [5780 : 5786 ERROR][switch_sock.c:820]rpc timeout??  result:(nil), closure_data:0x1
12月 06 16:40:56 localhost mgmt[5780]: [5780 : 5786 ERROR][switch_sock.c:376]connect failed. switch_id:10
12月 06 16:40:56 localhost mgmt[5780]: [5780 : 5786 ERROR][switch_sock.c:804]rpc timeout??  result:(nil), closure_data:0x2
12月 06 16:40:56 localhost kernel: hub 2-4.4:1.0: hub_ext_port_status failed (err = -71)
12月 06 16:40:56 localhost kernel: usb 2-4.4-port1: cannot disable (err = -71)
12月 06 16:40:56 localhost kernel: hub 2-4.4:1.0: hub_ext_port_status failed (err = -71)
12月 06 16:40:57 localhost mgmt[5780]: [5780 : 5786 ERROR][switch_sock.c:376]connect failed. switch_id:10
12月 06 16:40:57 localhost mgmt[5780]: [5780 : 5786 ERROR][switch_sock.c:693]rpc timeout??  result:(nil), closure_data:0x1
12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5813 ERROR][api_function.c:78]switch 1 rpc timeout
^C
root@localhost:~# 12月 06 16:41:00 localhost api_func_pool_server[5799]: [5799 : 5818 INFO][api_function.c:1833]API SERVER RECEIVE REQUEST FRAME_LENGTH: [105]
  1. 查看某个服务的日志信息
root@localhost:~# journalctl -u mgmt_stack.service 
-- Logs begin at Wed 2023-12-06 11:17:50 CST, end at Thu 2023-12-07 13:41:04 CST. --
12月 07 13:12:30 localhost mgmt[5732]: [5732 : 5852 INFO][mgmt_msg.c:2621]API server cmd  [0x8a]  completed.
12月 07 13:12:31 localhost mgmt[5732]: [5732 : 5743 ERROR][switch_sock.c:376]connect failed. switch_id:10
12月 07 13:12:31 localhost mgmt[5732]: [5732 : 5743 ERROR][switch_sock.c:873]rpc timeout??  result:(nil), closure_data:0x1
12月 07 13:12:31 localhost mgmt[5732]: [5732 : 5743 ERROR][switch_sock.c:376]connect failed. switch_id:10
12月 07 13:12:31 localhost mgmt[5732]: [5732 : 5743 ERROR][switch_sock.c:741]rpc timeout??  result:(nil), closure_data:0x1
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 5743 ERROR][switch_sock.c:376]connect failed. switch_id:10
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 5743 ERROR][switch_sock.c:820]rpc timeout??  result:(nil), closure_data:0x1
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 6103 INFO][mgmt_fan_smart.c:546]fan-smart: get_back_temp max_temp=28.500000
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 6103 INFO][mgmt_fan_smart.c:619]fan-smart: get_node_temp temp=22.500000
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 6103 INFO][mgmt_fan_smart.c:572]fan-smart get_x86_cpu_temp temp=31.000000
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 6103 ERROR][mgmt_fan_smart.c:820]fan-smart: get temp fail! model=node_cpu
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 6103 INFO][mgmt_fan_smart.c:660]fan-smart: get_card_temp temp=54.799999 db_val=54.8
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 6103 INFO][mgmt_fan_smart.c:706]fan-smart: get_sw_cpu_temp temp=32.000000 db_val=32
12月 07 13:12:34 localhost mgmt[5732]: [5732 : 6103 INFO][mgmt_fan_smart.c:706]fan-smart: get_sw_cpu_temp temp=32.000000 db_val=
12月 07 13:12:38 localhost mgmt[5732]: [5732 : 6217 INFO][hal_api_gpio.c:456][node 5 card 1 power status]Get Pca9575 Gpio Dir is inp
  1. 查看内核级信息
root@localhost:~# journalctl -k 
-- Logs begin at Wed 2023-12-06 11:17:50 CST, end at Thu 2023-12-07 13:41:23 CST. --
12月 07 13:16:19 localhost kernel: usb 2-1.2.1: Disable of device-initiated U1 failed.
12月 07 13:16:19 localhost kernel: usb 2-1.2.1: Disable of device-initiated U2 failed.
12月 07 13:16:19 localhost kernel: usb 2-1.2.1: reset SuperSpeed USB device number 11 using xhci_hcd
12月 07 13:16:20 localhost kernel: usb 2-1.2.1: reset SuperSpeed USB device number 11 using xhci_hcd
12月 07 13:22:48 localhost kernel: usb 2-2.2: Disable of device-initiated U1 failed.
12月 07 13:22:48 localhost kernel: usb 2-2.2: Disable of device-initiated U2 failed.
12月 07 13:22:48 localhost kernel: usb 2-2.2: reset SuperSpeed USB device number 9 using xhci_hcd
12月 07 13:22:49 localhost kernel: usb 2-2.2.1: USB disconnect, device number 22
12月 07 13:22:49 localhost kernel: usb 2-2.2: reset SuperSpeed USB device number 9 using xhci_hcd
12月 07 13:22:49 localhost kernel: usb 2-2.2.1: new SuperSpeed USB device number 28 using xhci_hcd
12月 07 13:22:49 localhost kernel: usb 2-2.2.1: New USB device found, idVendor=2109, idProduct=0822, bcdDevice= 0.30
12月 07 13:22:49 localhost kernel: usb 2-2.2.1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
12月 07 13:22:49 localhost kernel: usb 2-2.2.1: Product: USB3.1 Hub             
12月 07 13:22:49 localhost kernel: usb 2-2.2.1: Manufacturer: VIA Labs, Inc.         
12月 07 13:22:49 localhost kernel: hub 2-2.2.1:1.0: USB hub found
12月 07 13:22:49 localhost kernel: hub 2-2.2.1:1.0: 4 ports detected
12月 07 13:26:42 localhost kernel: usb 2-2.2.1: Disable of device-initiated U1 failed.
12月 07 13:26:42 localhost kernel: usb 2-2.2.1: Disable of device-initiated U2 failed.
12月 07 13:26:42 localhost kernel: usb 2-2.2.1: reset SuperSpeed USB device number 28 using xhci_hcd
12月 07 13:26:43 localhost kernel: usb 2-2.2.1: reset SuperSpeed USB device number 28 using xhci_hcd
12月 07 13:34:49 localhost kernel: usb 2-1.2: Disable of device-initiated U1 failed.
12月 07 13:34:49 localhost kernel: usb 2-1.2: Disable of device-initiated U2 failed.
12月 07 13:34:49 localhost kernel: usb 2-1.2: reset SuperSpeed USB device number 7 using xhci_hcd
12月 07 13:34:50 localhost kernel: usb 2-1.2.1: USB disconnect, device number 11

帮助文档

help


root@localhost:~# journalctl --help 
journalctl [OPTIONS...] [MATCHES...]

Query the journal.

Options:
     --system                Show the system journal
     --user                  Show the user journal for the current user
  -M --machine=CONTAINER     Operate on local container
  -S --since=DATE            Show entries not older than the specified date
  -U --until=DATE            Show entries not newer than the specified date
  -c --cursor=CURSOR         Show entries starting at the specified cursor
     --after-cursor=CURSOR   Show entries after the specified cursor
     --show-cursor           Print the cursor after all the entries
     --cursor-file=FILE      Show entries after cursor in FILE and update FILE
  -b --boot[=ID]             Show current boot or the specified boot
     --list-boots            Show terse information about recorded boots
  -k --dmesg                 Show kernel message log from the current boot
  -u --unit=UNIT             Show logs from the specified unit
     --user-unit=UNIT        Show logs from the specified user unit
  -t --identifier=STRING     Show entries with the specified syslog identifier
  -p --priority=RANGE        Show entries with the specified priority
     --facility=FACILITY...  Show entries with the specified facilities
  -g --grep=PATTERN          Show entries with MESSAGE matching PATTERN
     --case-sensitive[=BOOL] Force case sensitive or insenstive matching
  -e --pager-end             Immediately jump to the end in the pager
  -f --follow                Follow the journal
  -n --lines[=INTEGER]       Number of journal entries to show
     --no-tail               Show all lines, even in follow mode
  -r --reverse               Show the newest entries first
  -o --output=STRING         Change journal output mode (short, short-precise,
                               short-iso, short-iso-precise, short-full,
                               short-monotonic, short-unix, verbose, export,
                               json, json-pretty, json-sse, json-seq, cat,
                               with-unit)
     --output-fields=LIST    Select fields to print in verbose/export/json modes
     --utc                   Express time in Coordinated Universal Time (UTC)
  -x --catalog               Add message explanations where available
     --no-full               Ellipsize fields
  -a --all                   Show all fields, including long and unprintable
  -q --quiet                 Do not show info messages and privilege warning
     --no-pager              Do not pipe output into a pager
     --no-hostname           Suppress output of hostname field
  -m --merge                 Show entries from all available journals
  -D --directory=PATH        Show journal files from directory
     --file=PATH             Show journal file
     --root=ROOT             Operate on files below a root directory
     --namespace=NAMESPACE   Show journal data from specified namespace
     --interval=TIME         Time interval for changing the FSS sealing key
     --verify-key=KEY        Specify FSS verification key
     --force                 Override of the FSS key pair with --setup-keys

Commands:
  -h --help                  Show this help text
     --version               Show package version
  -N --fields                List all field names currently used
  -F --field=FIELD           List all values that a specified field takes
     --disk-usage            Show total disk usage of all journal files
     --vacuum-size=BYTES     Reduce disk usage below specified size
     --vacuum-files=INT      Leave only the specified number of journal files
     --vacuum-time=TIME      Remove journal files older than specified time
     --verify                Verify journal file consistency
     --sync                  Synchronize unwritten journal messages to disk
     --relinquish-var        Stop logging to disk, log to temporary file system
     --smart-relinquish-var  Similar, but NOP if log directory is on root mount
     --flush                 Flush all journal data from /run into /var
     --rotate                Request immediate rotation of the journal files
     --header                Show journal header information
     --list-catalog          Show all message IDs in the catalog
     --dump-catalog          Show entries in the message catalog
     --update-catalog        Update the message catalog database
     --setup-keys            Generate a new FSS key pair

See the journalctl(1) man page for details.

man手册

root@localhost:~# man 1 journalctl 
JOURNALCTL(1)                                                                journalctl                                                                JOURNALCTL(1)

NAME
       journalctl - Query the systemd journal

SYNOPSIS
       journalctl [OPTIONS...] [MATCHES...]

DESCRIPTION
       journalctl may be used to query the contents of the systemd(1) journal as written by systemd-journald.service(8).

       If called without parameters, it will show the full contents of the journal, starting with the oldest entry collected.

       If one or more match arguments are passed, the output is filtered accordingly. A match is in the format "FIELD=VALUE", e.g.  "_SYSTEMD_UNIT=httpd.service",
       referring to the components of a structured journal entry. See systemd.journal-fields(7) for a list of well-known fields. If multiple matches are specified
       matching different fields, the log entries are filtered by both, i.e. the resulting output will show only entries matching all the specified matches of this
       kind. If two matches apply to the same field, then they are automatically matched as alternatives, i.e. the resulting output will show entries matching any
       of the specified matches for the same field. Finally, the character "+" may appear as a separate word between other terms on the command line. This causes
       all matches before and after to be combined in a disjunction (i.e. logical OR).

       It is also possible to filter the entries by specifying an absolute file path as an argument. The file path may be a file or a symbolic link and the file
       must exist at the time of the query. If a file path refers to an executable binary, an "_EXE=" match for the canonicalized binary path is added to the query.
       If a file path refers to an executable script, a "_COMM=" match for the script name is added to the query. If a file path refers to a device node,
       "_KERNEL_DEVICE=" matches for the kernel name of the device and for each of its ancestor devices is added to the query. Symbolic links are dereferenced,
       kernel names are synthesized, and parent devices are identified from the environment at the time of the query. In general, a device node is the best proxy
       for an actual device, as log entries do not usually contain fields that identify an actual device. For the resulting log entries to be correct for the actual
       device, the relevant parts of the environment at the time the entry was logged, in particular the actual device corresponding to the device node, must have
       been the same as those at the time of the query. Because device nodes generally change their corresponding devices across reboots, specifying a device node
       path causes the resulting entries to be restricted to those from the current boot.

       Additional constraints may be added using options --boot, --unit=, etc., to further limit what entries will be shown (logical AND).

       Output is interleaved from all accessible journal files, whether they are rotated or currently being written, and regardless of whether they belong to the
       system itself or are accessible user journals.

       The set of journal files which will be used can be modified using the --user, --system, --directory, and --file options, see below.

       All users are granted access to their private per-user journals. However, by default, only root and users who are members of a few special groups are granted
       access to the system journal and the journals of other users. Members of the groups "systemd-journal", "adm", and "wheel" can read all journal files. Note
       that the two latter groups traditionally have additional privileges specified by the distribution. Members of the "wheel" group can often perform
 Manual page journalctl(1) line 1 (press h for help or q to quit)

da-xiang
关注
  • 7
    点赞
  • 7
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
Ubuntu下内核编程之第一个模块helloworld(附源码)
09-13
本篇文章将深入探讨如何在Ubuntu环境下编写你的第一个内核模块——一个简单的“Hello, World!”模块。 首先,我们要了解什么是内核模块。内核模块是可加载到运行中的Linux内核中的代码片段,它们允许我们向内核添加...
linux 发行版本都可用命令大全.rar
01-04
- `journalctl`(systemd系统):查看系统日志。 10. **系统维护与优化**: - `sysctl`:动态调整系统内核参数。 - `crontab`:设置定时任务。 - `updatedb`:更新文件系统的索引,用于更快地进行文件查找。 ...
Ubuntu16.04 删除journalctl 日志
xiojing的博客
02-12 5413
阿里云ECS提示磁盘空间不够,觉得是日志占用了磁盘空间。所以到/var/log下看看。 cd /var/log du --max-depth=1 -h 发现journal 文件夹占用磁盘较多。但是cd journal 文件夹内查看又没有多少文件。 848M ./nginx 4.1G ./journal 原来journal 日志的查看删除需要用指定的命令。 如下部分命令摘自 https://ww...
linux journalctl 命令
weixin_34390105的博客
04-12 462
目录 Help 输出所有的日志记录 匹配(match) 把日志保存到文件中 限定日志所能占用的最高容量 查看某次启动后的日志 查看指定时间段的日志 同时应用 match 和时间过滤条件 按 unit 过滤日志 通过日志级别进行过滤 实时更新日志 只显示最新的 n 行 控制输出 按可执行文件的路径过滤 查看内核日志 总结 journalctl 用来查询 systemd-journald 服务收集...
ubuntu搭建日志分析工具ELK收集Nginx日志_ubuntu22安装elk(1)
最新发布
2401_84141260的博客
05-17 847
KaTeX parse error: Expected 'EOF', got '#' at position 18: …KaTeX parse error: Expected 'EOF', got '#' at position 12: request", '#̲记录请求的URL和HTTP协议…KaTeX parse error: Expected 'EOF', got '#' at position 17: …path.logs: /var/log/elasticsearch/ #日志路径。
Ubuntu查看系统日志的几种方法
热门推荐
宝安小雨
05-16 2万+
系统的许多日志文件都存储在 /var/log 目录中。你可以使用 ls /var/log 命令来列出可用的日志文件。/var/log/Xorg.0.log:包含 X 服务器的日志信息(图形界面)。打开DASH,搜索日志或者log,打开app,这个是/var/log的界面版。这将显示系统日志的末尾,并提供有关系统崩溃和错误的信息。/var/log/kern.log:包含内核日志信息。/var/log/dmesg:包含开机时的日志信息。/var/log/syslog:包含系统日志信息。
ubuntu 系统提示 You are in emergency mode. type “journalctl -xb” to view system logs
csdnlizhihao的博客
10-21 4923
ubuntu 系统提示 journalctl -xb故障现象故障原因解决办法 故障现象 ubuntu 系统提示 You are in emergency mode. type “journalctl -xb” to view system logs 故障原因 磁盘挂载得有问题 解决办法 Solution No1 1、执行命令 journalctl -xb 2、执行命令 /fsck failed 3、记录报错的磁盘盘符 (/dev/sda1, 报错信息显示成红色) 4、运行命令sudo nano /etc/f
查看ubuntu重启原因
heroacool的专栏
03-31 3910
叫用指令last, uptime, journalctl, dmesg这些指令查看,log里啥都每看出来。ubuntu总是重启,不知道啥原因。问了chatgpt原因,叫我查看一下log。
Ubuntu 常用日志工具
par@ish的博客
12-21 1593
Elasticsearch用于存储和搜索日志数据,Logstash用于收集、解析和转发日志,而Kibana则提供了一个可视化的界面来查询和分析日志。虽然不是默认工具,但Loki是一个越来越受欢迎的日志聚合和查询系统,特别适合与Prometheus和Grafana配合使用进行监控和分析。Graylog是一个开源的日志管理系统,它可以收集、索引、存储和分析大量的日志数据,并提供了丰富的搜索和可视化功能。:日志记录了系统的访问情况、用户行为和安全事件,用于检测和调查潜在的安全威胁,如入侵企图、未经授权的访问等。
linux精彩问答——为你解惑
09-26
8. **系统日志与监控**:理解`/var/log`下的日志文件,以及使用`dmesg`、`journalctl`等查看系统日志,还有性能监控工具如`htop`、`iostat`、`vmstat`的使用。 9. **文本编辑器**:介绍流行的文本编辑器如`vi/vim`...
Linux详细笔记,考试、复试必备!
08-24
13. **日志管理**:学习如何查看和分析系统日志,如`/var/log`下的各种日志文件,以及使用`journalctl`(Systemd日志管理)。 14. **防火墙与安全**:了解iptables防火墙规则的设置,以及如何使用`ufw`等图形化工具...
Linux-Intro.zip_Hands On
09-22
我们还将讨论如何使用dmesg、journalctl和less等工具查看和分析日志,以及使用grep和strace进行调试。 **第八章:用户和权限管理** 理解用户和组的管理,包括用户账户的创建、删除、权限设置以及sudo命令的使用,是...
ubuntu 18.04检查服务器异常重启的日志
Learning from the mistakes
03-04 1万+
最近服务器老是重启,要查看原因的话,可以查看日志,日志的命令为: journalctl -xe 我的日志为: 3月 04 12:20:50 eric-HP-Z420-Workstation kernel: EDAC MC0: 11 CE memory scrubbing error on CPU_SrcID#0_Ha#0_Chan#2_DIMM#0 or CPU_SrcID#0_Ha#0...
ubuntu 系统 /var/log/journal/ 垃圾日志清理
Nodejs
08-08 1万+
CentOS系统中有两个日志服务,分别是传统的 rsyslog 和 systemd-journal systemd-journald是一个改进型日志管理服务,可以收集来自内核、系统早期启动阶段的日志、系统守护进程在启动和运行中的标准输出和错误信息,还有syslog的日志。 该日志服务仅仅把日志集中保存在单一结构的日志文件/run/log中,由于日志是经历过压缩和格式化的二进制数据,所以在查看和定位的时候很迅速。 默认情况下并不会持久化保存日志,只会保留一个月的日志。另外,一些rsyslog无法收集的日志也会
LWN:开发者争论split-lock检测机制!
Linux News搬运工
12-20 1788
关注了就能看到更多这么棒的文章哦~Developers split over split-lock detectionByJonathan CorbetDecember 6, 2019...
编译,安装,运行与调试linux内核(真机环境,基于crash调试)
"my"的博客
09-25 1580
1)内联函数。内联函数会被直接展开,不会执行call指令,因此这类函数没有了栈帧。2)编译器优化的函数。具体优化的时机不确定,但是猜测是一些只被调用一次的子函数,直接被展开到了父函数里面,这类子函数也没有了栈帧。具体例子是内核中的函数被展开到了函数中,导致函数特别长。3)中断栈。这类我不是特别确定,但是貌似通过中断调用的函数在调用栈中的信息不太全。
Ubuntu 中常用的查看日志命令
C小白的博客
09-01 4488
Ubuntu 中常用的查看日志命令方法
Ubuntu查看和写入系统日志
顺其自然~专栏
03-02 5595
某些应用程序可能不会写入系统日志,并且可能会产生自己的日志文件,你可以使用相同的方式进行操作,通常也可以在/var/log目录中找到它们。如果你有其他要查看的日志文件(例如,特定应用程序的日志文件),可以单击“文件”菜单,选择“打开”,然后打开日志文件。它将与列表中的其他日志文件一起显示,并将被监视并自动更新,如其他日志。你可以在单个窗口中查看所有日志,当添加新的日志事件时,它将自动显示在窗口中,并将加粗。头打印文件中的前n行,而尾部打印文件中的最后n行,如果要查看最近的日志消息,则tail命令特别有用。
Ubuntu 中登录相关的日志
Chocolate的博客
06-15 2305
本文整理了 Ubuntu 系统中常见的一些与登录相关的文件和命令。通过它们可以快速的查看当前用户的登录情况和所有用户登录登出的历史记录,并且可以查询到用户使用 root 权限执行的操作。这对我们维护系统的安全和用户的管理都非常有帮助。sparkdevsparkdev - 博客园本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。
ubuntu18安装hdl——graph_slam
09-11
对于在Ubuntu 18上安装hdl_graph_slam,您可以按照以下步骤操作: 1. 首先,确保您的系统已经安装了ROS(Robot Operating System)。如果您尚未安装ROS,请按照ROS官方网站(http://www.ros.org/install/)上的指南进行安装。 2. 打开终端窗口,运行以下命令以克隆hdl_graph_slam存储库: ``` git clone https://github.com/koide3/hdl_graph_slam.git ``` 3. 进入克隆的存储库目录: ``` cd hdl_graph_slam ``` 4. 使用catkin构建工具进行构建: ``` catkin build hdl_graph_slam ``` 或者,如果您使用的是catkin_make工具: ``` catkin_make --pkg hdl_graph_slam ``` 5. 接下来,运行以下命令以安装hddl_graph_slam的依赖项: ``` rosdep install --from-paths src --ignore-src -r -y ``` 6. 安装完成后,通过运行以下命令来重新加载环境变量: ``` source devel/setup.bash ``` 7. 现在,您可以使用以下命令启动hdl_graph_slam节点: ``` roslaunch hdl_graph_slam hdl_graph_slam.launch ``` 这将启动hdl_graph_slam,并将其与硬件设备连接。您可以通过ROS的图形用户界面(RViz)来查看和可视化地图。 请注意,安装和使用hdl_graph_slam可能需要一些先验知识和配置,以便与您的硬件设备兼容。因此,在开始安装之前,请确保您已经熟悉并满足了所有必要的先决条件。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值