From 510b5002c3bcc2b27c7679b39a924daef8900e23 Mon Sep 17 00:00:00 2001 From: medusa Date: Wed, 10 Jan 2024 20:13:32 +0000 Subject: [PATCH] Add docs/tech_docs/journalctl.md --- docs/tech_docs/journalctl.md | 40 ++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 docs/tech_docs/journalctl.md diff --git a/docs/tech_docs/journalctl.md b/docs/tech_docs/journalctl.md new file mode 100644 index 0000000..d8c1164 --- /dev/null +++ b/docs/tech_docs/journalctl.md @@ -0,0 +1,40 @@ +# `journalctl` Troubleshooting Guide + +This guide provides a structured approach to troubleshooting common issues in Linux using the `journalctl` command. + +## General Troubleshooting + +1. **Review Recent Logs** + - View recent log entries: `journalctl -e` + - Show logs since the last boot: `journalctl -b` + +## Service-Specific Issues + +1. **Identify Service Issues** + - Display logs for a specific service: `journalctl -u service-name.service` + - Replace `service-name` with the actual service name, e.g., `journalctl -u sshd` + +## System Crashes or Boots + +1. **Investigate Boot Issues** + - Display logs from the current boot: `journalctl -b` + - Show logs from the previous boot: `journalctl -b -1` + - List boot sessions to identify specific instances: `journalctl --list-boots` + +## Error Messages + +1. **Filter by Error Priority** + - Show only error messages: `journalctl -p err` + - For more severe issues, consider using higher priority levels like `crit`, `alert`, or `emerg` + +## Additional Tips + +- **Follow Live Logs**: Monitor logs in real-time: `journalctl -f` +- **Time-Based Filtering**: Investigate issues within a specific timeframe: + - Since a specific time: `journalctl --since "YYYY-MM-DD HH:MM:SS"` + - Between two timestamps: `journalctl --since "start-time" --until "end-time"` +- **Output Formatting**: Adjust output format for better readability or specific needs: + - JSON format: `journalctl -o json-pretty` + - Verbose format: `journalctl -o verbose` +- **Export Logs**: Save logs for further analysis or reporting: + - `journalctl > logs.txt` or `journalctl -u service-name > service_logs.txt`