linux命令之journalctl
linux命令journalctl是用来查看系统运行过程中写在内存当中的日志及本地系统日志
journalctl [参数]
参数 | 说明 |
-n | 查看最新几条内容 |
-p | 日志优先级 |
-o | 控制显示的日志格式 |
-x | 是目录(catalog)的意思,在报错的信息下会,附加解决问题的网址 |
-e | 从结尾开始看 |
-r | 倒叙 |
-f | 滚屏输出 |
-u | 服务名称 |
_PID | 某个进程的日志 |
_UID | 某个用户的日志 |
_COMM | 进程名称 |
--since "time" --until "time" | 某个时间段的日志 |
命令:
journalctl
[root@rhel77 ~]# journalctl
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:01:01 CST. --
Nov 06 08:43:25 rhel77 systemd-journal[108]: Runtime journal is using 8.0M (max allowed 290.2M, trying to leave 435.4M free of 2.8G available → current l
Nov 06 08:43:25 rhel77 kernel: Initializing cgroup subsys cpuset
Nov 06 08:43:25 rhel77 kernel: Initializing cgroup subsys cpu
Nov 06 08:43:25 rhel77 kernel: Initializing cgroup subsys cpuacct
Nov 06 08:43:25 rhel77 kernel: Linux version 3.10.0-1062.el7.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8
Nov 06 08:43:25 rhel77 kernel: Command line: BOOT_IMAGE=/vmlinuz-3.10.0-1062.el7.x86_64 root=UUID=c0d6afed-f0cd-4575-9c5d-ce302451860b ro rhgb quiet LANG
Nov 06 08:43:25 rhel77 kernel: Disabled fast string operations
Nov 06 08:43:25 rhel77 kernel: e820: BIOS-provided physical RAM map:
Nov 06 08:43:25 rhel77 kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009e7ff] usable
Nov 06 08:43:25 rhel77 kernel: BIOS-e820: [mem 0x000000000009e800-0x000000000009ffff] reserved
Nov 06 08:43:25 rhel77 kernel: BIOS-e820: [mem 0x00000000000dc000-0x00000000000fffff] reserved
Nov 06 08:43:25 rhel77 kernel: BIOS-e820: [mem 0x0000000000100000-0x00000000bfecffff] usable
Nov 06 08:43:25 rhel77 kernel: BIOS-e820: [mem 0x00000000bfed0000-0x00000000bfefefff] ACPI data
Nov 06 08:43:25 rhel77 kernel: BIOS-e820: [mem 0x00000000bfeff000-0x00000000bfefffff] ACPI NVS
Nov 06 08:43:25 rhel77 kernel: BIOS-e820: [mem 0x00000000bff00000-0x00000000bfffffff] usable
lines 1-16
命令:
journalctl -n 5
[root@rhel77 ~]# journalctl -n 5
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:08:03 CST. --
Nov 06 09:08:03 rhel77 sendmail[2470]: 3A6183w9002470: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30213, relay=[127.
Nov 06 09:08:03 rhel77 anacron[2344]: Normal exit (1 job run)
Nov 06 09:08:03 rhel77 sendmail[2472]: 3A6183Ve002471: forward /root/.forward.rhel77: World writable directory
Nov 06 09:08:03 rhel77 sendmail[2472]: 3A6183Ve002471: forward /root/.forward: World writable directory
Nov 06 09:08:03 rhel77 sendmail[2472]: 3A6183Ve002471: to=, ctladdr= (0/0), delay=00:00:00, xdelay=00:00:00, ma
lines 1-6/6 (END)
命令:
journalctl --since "2023-11-6 9:00:00" --until "2023-11-6 9:10:00"
[root@rhel77 ~]# journalctl --since "2023-11-6 9:00:00" --until "2023-11-6 9:10:00"
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:10:01 CST. --
Nov 06 09:00:01 rhel77 crond[2316]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such
Nov 06 09:00:01 rhel77 systemd[1]: Started Session 4 of user root.
Nov 06 09:00:01 rhel77 crond[2316]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such
Nov 06 09:00:01 rhel77 CROND[2317]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 06 09:00:01 rhel77 CROND[2316]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such
Nov 06 09:01:01 rhel77 crond[2329]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such
Nov 06 09:01:01 rhel77 crond[2330]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such
Nov 06 09:01:01 rhel77 systemd[1]: Created slice User Slice of bin.
lines 1-9...skipping...
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:10:01 CST. --
Nov 06 09:00:01 rhel77 crond[2316]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:00:01 rhel77 systemd[1]: Started Session 4 of user root.
Nov 06 09:00:01 rhel77 crond[2316]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:00:01 rhel77 CROND[2317]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 06 09:00:01 rhel77 CROND[2316]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:01:01 rhel77 crond[2329]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:01:01 rhel77 crond[2330]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:01:01 rhel77 systemd[1]: Created slice User Slice of bin.
Nov 06 09:01:01 rhel77 systemd[1]: Started Session 5 of user bin.
Nov 06 09:01:01 rhel77 systemd[1]: Started Session 6 of user root.
Nov 06 09:01:01 rhel77 crond[2330]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:01:01 rhel77 crond[2329]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:01:01 rhel77 CROND[2332]: (root) CMD (run-parts /etc/cron.hourly)
Nov 06 09:01:01 rhel77 CROND[2331]: (bin) CMD (/usr/bin/echo aaa)
Nov 06 09:01:01 rhel77 run-parts(/etc/cron.hourly)[2336]: starting 0anacron
Nov 06 09:01:01 rhel77 sendmail[2333]: 3A6111ZC002333: from=bin, size=412, class=-60, nrcpts=1, msgid=<[email protected]>, relay=bin
Nov 06 09:01:01 rhel77 anacron[2344]: Anacron started on 2023-11-06
Nov 06 09:01:01 rhel77 anacron[2344]: Will run job `cron.daily' in 7 min.
Nov 06 09:01:01 rhel77 anacron[2344]: Jobs will be executed sequentially
Nov 06 09:01:01 rhel77 run-parts(/etc/cron.hourly)[2346]: finished 0anacron
Nov 06 09:01:01 rhel77 run-parts(/etc/cron.hourly)[2348]: starting mcelog.cron
Nov 06 09:01:01 rhel77 run-parts(/etc/cron.hourly)[2352]: finished mcelog.cron
Nov 06 09:01:01 rhel77 CROND[2329]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:01:01 rhel77 sendmail[2342]: 3A6111YU002342: from=, size=660, class=-60, nrcpts=1, msgid=<[email protected]
Nov 06 09:01:01 rhel77 sendmail[2333]: 3A6111ZC002333: to=bin, ctladdr=bin (1/1), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=138412, relay=[127.0.0.1
Nov 06 09:01:01 rhel77 CROND[2330]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:01:01 rhel77 sendmail[2353]: 3A6111YU002342: forward /root/.forward.rhel77: World writable directory
Nov 06 09:01:01 rhel77 sendmail[2353]: 3A6111YU002342: forward /root/.forward: World writable directory
Nov 06 09:01:01 rhel77 systemd[1]: Removed slice User Slice of bin.
Nov 06 09:01:01 rhel77 sendmail[2353]: 3A6111YU002342: to=root, ctladdr= (1/1), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=138850
lines 1-31
命令:
journalctl -p crit
[root@rhel77 ~]# journalctl -p crit
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:10:01 CST. --
Nov 06 08:43:25 rhel77 kernel: Detected CPU family 6 model 165 stepping 2
Nov 06 08:43:25 rhel77 kernel: Warning: Intel Processor - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https
lines 1-3/3 (END)
命令:
journalctl -o verbose
[root@rhel77 ~]# journalctl -o verbose
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:12:45 CST. --
Mon 2023-11-06 08:43:25.552274 CST [s=bf0fb9cf2f024c58af7086dd0aca99fa;i=1;b=c13441d5eaa843c08e15c2f0f2714a30;m=fc920;t=609712451b292;x=f7609fd9ddcce12b]
PRIORITY=6
_TRANSPORT=driver
MESSAGE=Runtime journal is using 8.0M (max allowed 290.2M, trying to leave 435.4M free of 2.8G available → current limit 290.2M).
MESSAGE_ID=ec387f577b844b8fa948f33cad9a75e6
_PID=108
_UID=0
_GID=0
_COMM=systemd-journal
_EXE=/usr/lib/systemd/systemd-journald
_CMDLINE=/usr/lib/systemd/systemd-journald
_CAP_EFFECTIVE=5402800cf
_SYSTEMD_CGROUP=/system.slice/systemd-journald.service
_SYSTEMD_UNIT=systemd-journald.service
_SYSTEMD_SLICE=system.slice
_BOOT_ID=c13441d5eaa843c08e15c2f0f2714a30
_MACHINE_ID=7ea7a80d095f4ef484058c1ff5d4f18c
_HOSTNAME=rhel77
Mon 2023-11-06 08:43:25.552342 CST [s=bf0fb9cf2f024c58af7086dd0aca99fa;i=2;b=c13441d5eaa843c08e15c2f0f2714a30;m=fc964;t=609712451b2d6;x=4bc3d31910e05c9f]
PRIORITY=6
_BOOT_ID=c13441d5eaa843c08e15c2f0f2714a30
_MACHINE_ID=7ea7a80d095f4ef484058c1ff5d4f18c
_HOSTNAME=rhel77
_SOURCE_MONOTONIC_TIMESTAMP=0
_TRANSPORT=kernel
SYSLOG_FACILITY=0
SYSLOG_IDENTIFIER=kernel
MESSAGE=Initializing cgroup subsys cpuset
Mon 2023-11-06 08:43:25.552351 CST [s=bf0fb9cf2f024c58af7086dd0aca99fa;i=3;b=c13441d5eaa843c08e15c2f0f2714a30;m=fc96d;t=609712451b2df;x=93696363f0f62a18]
PRIORITY=6
lines 1-31
命令:
journalctl _PID=1418 _COMM=sshd
OR
journalctl | grep sshd
[root@rhel77 ~]# journalctl _PID=1418 _COMM=sshd
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:12:45 CST. --
Nov 06 08:43:33 rhel77 sshd[1418]: Server listening on 0.0.0.0 port 22.
Nov 06 08:43:33 rhel77 sshd[1418]: Server listening on :: port 22.
[root@rhel77 ~]#
[root@rhel77 ~]# journalctl | grep sshd
Nov 06 08:43:33 rhel77 sshd[1418]: Server listening on 0.0.0.0 port 22.
Nov 06 08:43:33 rhel77 sshd[1418]: Server listening on :: port 22.
Nov 06 08:43:50 rhel77 sshd[1919]: Accepted password for root from 192.168.10.1 port 51445 ssh2
Nov 06 08:43:50 rhel77 sshd[1919]: pam_env(sshd:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 08:43:50 rhel77 sshd[1919]: pam_unix(sshd:session): session opened for user root by (uid=0)
Nov 06 08:43:50 rhel77 sshd[1921]: pam_env(sshd:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 08:53:35 rhel77 sshd[2142]: Accepted password for root from 192.168.10.1 port 53305 ssh2
Nov 06 08:53:35 rhel77 sshd[2142]: pam_env(sshd:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 08:53:35 rhel77 sshd[2142]: pam_unix(sshd:session): session opened for user root by (uid=0)
Nov 06 08:53:35 rhel77 sshd[2144]: pam_env(sshd:setcred): Unable to open env file: /etc/environment: No such file or directory
[root@rhel77 ~]#
命令:
journalctl -xe
[root@rhel77 ~]# journalctl -xe
Nov 06 09:09:47 rhel77 dhclient[1197]: bound to 192.168.10.246 -- renewal in 786 seconds.
Nov 06 09:09:47 rhel77 systemd[1]: Starting Network Manager Script Dispatcher Service...
-- Subject: Unit NetworkManager-dispatcher.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit NetworkManager-dispatcher.service has begun starting up.
Nov 06 09:09:47 rhel77 dbus[1065]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Nov 06 09:09:47 rhel77 systemd[1]: Started Network Manager Script Dispatcher Service.
-- Subject: Unit NetworkManager-dispatcher.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit NetworkManager-dispatcher.service has finished starting up.
--
-- The start-up result is done.
Nov 06 09:09:47 rhel77 nm-dispatcher[2510]: req:1 'dhcp4-change' [ens33]: new request (5 scripts)
Nov 06 09:09:47 rhel77 nm-dispatcher[2510]: req:1 'dhcp4-change' [ens33]: start running ordered scripts...
Nov 06 09:10:01 rhel77 crond[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:10:01 rhel77 systemd[1]: Started Session 7 of user root.
-- Subject: Unit session-7.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-7.scope has finished starting up.
--
-- The start-up result is done.
Nov 06 09:10:01 rhel77 crond[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:10:01 rhel77 CROND[2531]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 06 09:10:01 rhel77 CROND[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:12:45 rhel77 chronyd[1113]: Selected source 202.118.1.130
lines 2671-2701/2701 (END)
命令:
journalctl -r
[root@rhel77 ~]# journalctl -r
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:12:45 CST. --
Nov 06 09:12:45 rhel77 chronyd[1113]: Selected source 202.118.1.130
Nov 06 09:10:01 rhel77 CROND[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:10:01 rhel77 CROND[2531]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 06 09:10:01 rhel77 crond[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:10:01 rhel77 systemd[1]: Started Session 7 of user root.
Nov 06 09:10:01 rhel77 crond[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:09:47 rhel77 nm-dispatcher[2510]: req:1 'dhcp4-change' [ens33]: start running ordered scripts...
Nov 06 09:09:47 rhel77 nm-dispatcher[2510]: req:1 'dhcp4-change' [ens33]: new request (5 scripts)
Nov 06 09:09:47 rhel77 systemd[1]: Started Network Manager Script Dispatcher Service.
Nov 06 09:09:47 rhel77 dbus[1065]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Nov 06 09:09:47 rhel77 systemd[1]: Starting Network Manager Script Dispatcher Service...
Nov 06 09:09:47 rhel77 dhclient[1197]: bound to 192.168.10.246 -- renewal in 786 seconds.
Nov 06 09:09:47 rhel77 dbus[1065]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.ser
Nov 06 09:09:47 rhel77 NetworkManager[1116]: [1699232987.0690] dhcp4 (ens33): state changed bound -> bound
Nov 06 09:09:47 rhel77 NetworkManager[1116]: [1699232987.0690] dhcp4 (ens33): domain name 'localdomain'
Nov 06 09:09:47 rhel77 NetworkManager[1116]: [1699232987.0690] dhcp4 (ens33): nameserver '192.168.10.2'
Nov 06 09:09:47 rhel77 NetworkManager[1116]: [1699232987.0690] dhcp4 (ens33): lease time 1800
Nov 06 09:09:47 rhel77 NetworkManager[1116]: [1699232987.0690] dhcp4 (ens33): gateway 192.168.10.2
Nov 06 09:09:47 rhel77 NetworkManager[1116]: [1699232987.0690] dhcp4 (ens33): plen 24 (255.255.255.0)
Nov 06 09:09:47 rhel77 NetworkManager[1116]: [1699232987.0690] dhcp4 (ens33): address 192.168.10.246
Nov 06 09:09:47 rhel77 dhclient[1197]: DHCPACK from 192.168.10.254 (xid=0x2c684fd9)
Nov 06 09:09:47 rhel77 dhclient[1197]: DHCPREQUEST on ens33 to 192.168.10.254 port 67 (xid=0x2c684fd9)
Nov 06 09:09:29 rhel77 systemd[1]: Started PackageKit Daemon.
Nov 06 09:09:29 rhel77 dbus[1065]: [system] Successfully activated service 'org.freedesktop.PackageKit'
Nov 06 09:09:29 rhel77 PackageKit[2492]: daemon start
Nov 06 09:09:29 rhel77 systemd[1]: Starting PackageKit Daemon...
Nov 06 09:09:29 rhel77 dbus[1065]: [system] Activating via systemd: service name='org.freedesktop.PackageKit' unit='packagekit.service'
Nov 06 09:08:03 rhel77 sendmail[2472]: 3A6183Ve002471: to=, ctladdr= (0/0), delay=00:00:00, xdelay=00:00:00, mailer
Nov 06 09:08:03 rhel77 sendmail[2472]: 3A6183Ve002471: forward /root/.forward: World writable directory
Nov 06 09:08:03 rhel77 sendmail[2472]: 3A6183Ve002471: forward /root/.forward.rhel77: World writable directory
lines 1-31
命令:
journalctl -f -n 10
[root@rhel77 ~]# journalctl -f -n 10
-- Logs begin at Mon 2023-11-06 08:43:25 CST. --
Nov 06 09:09:47 rhel77 dbus[1065]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Nov 06 09:09:47 rhel77 systemd[1]: Started Network Manager Script Dispatcher Service.
Nov 06 09:09:47 rhel77 nm-dispatcher[2510]: req:1 'dhcp4-change' [ens33]: new request (5 scripts)
Nov 06 09:09:47 rhel77 nm-dispatcher[2510]: req:1 'dhcp4-change' [ens33]: start running ordered scripts...
Nov 06 09:10:01 rhel77 crond[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:10:01 rhel77 systemd[1]: Started Session 7 of user root.
Nov 06 09:10:01 rhel77 crond[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:10:01 rhel77 CROND[2531]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 06 09:10:01 rhel77 CROND[2530]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:12:45 rhel77 chronyd[1113]: Selected source 202.118.1.130
命令:
journalctl _UID=0 -n 3
[root@rhel77 ~]# journalctl _UID=0 -n 3
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:20:01 CST. --
Nov 06 09:20:01 rhel77 crond[2688]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
Nov 06 09:20:01 rhel77 CROND[2689]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 06 09:20:01 rhel77 CROND[2688]: pam_env(crond:setcred): Unable to open env file: /etc/environment: No such file or directory
[root@rhel77 ~]#
命令:
journalctl -u rsyslog
[root@rhel77 ~]# journalctl -u rsyslog
-- Logs begin at Mon 2023-11-06 08:43:25 CST, end at Mon 2023-11-06 09:20:01 CST. --
Nov 06 08:43:33 rhel77 systemd[1]: Starting System Logging Service...
Nov 06 08:43:33 rhel77 rsyslogd[1412]: [origin software="rsyslogd" swVersion="8.24.0-38.el7" x-pid="1412" x-info="http://www.rsyslog.com"] start
Nov 06 08:43:33 rhel77 systemd[1]: Started System Logging Service.
命令:
journalctl -f -u rsyslog
[root@rhel77 ~]# journalctl -f -u rsyslog
-- Logs begin at Mon 2023-11-06 08:43:25 CST. --
Nov 06 08:43:33 rhel77 systemd[1]: Starting System Logging Service...
Nov 06 08:43:33 rhel77 rsyslogd[1412]: [origin software="rsyslogd" swVersion="8.24.0-38.el7" x-pid="1412" x-info="http://www.rsyslog.com"] start
Nov 06 08:43:33 rhel77 systemd[1]: Started System Logging Service.