There are a lot of logs in the Linux server. How to read the logs correctly and quickly locate errors?

Quickly locate the wrong place for a large number of logs

View the log dynamically

tail -f catalina.out

Open the log file from the beginning

cat catalina.out

You can use >nanjiangtest.txt to output a new log to view

[root@yesky logs]# cat -n catalina.out |grep 717892466 >nanjiangtest.txt

tail/ Use the simple head command:

[root@yesky logs]# tail -n number catalina.out 查询日志尾部最后number行的日志[root@yesky logs]# tail -n +number catalina.out 查询number行之后的所有日志[root@yesky logs]# head -n number catalina.out 查询日志文件中的前number行日志[root@yesky logs]# head -n -number catalina.out 查询日志文件除了最后number行的其他所有日志

The first way (find the trip number based on keywords):

Using grep to get very few logs, we Need to check nearby logs. This is what I did, first: cat -n test.log | grep "keyword" to get the line number of the key log

[root@yesky logs]# cat -n catalina.out |grep 71789246613230539        [11:07 17:47:11] INFO nanjiang:Edit Old Article：717892466-2020-11-07 17:47:1113230593        [11:07 17:47:15] INFO nanjiangSave Article ID IS：71789246613230595        717892466 article.getDisplayTime()1 = 2020-11-07 16:25:1113230596        717892466 article.getDisplayTime()2 = 2020-11-07 16:25:1113230601        [11:07 17:47:15] INFO 南江 10.10.10.39  edit    article 717892466       编辑文章

cat -n catalina.out|tail -n 13230539|head -n 10

• tail -n 13230539 means querying the log after line 13230539

• head -n 10 means querying the log after 13230539 lines Check the first 10 records in the previous query results

[root@yesky logs]# cat -n catalina.out |tail -n +13230539|head -n 1013230539        [11:07 17:47:11] INFO nanjiang:Edit Old Article：717892466-2020-11-07 17:47:1113230540        [11:07 17:47:11] INFO Takes:2 ms class com.tmg.cms.manager.dao.article.impl.ArticleContentDaoImpl       getListByArticleId      [NzE3ODkyNDY2]       [int]13230541        [11:07 17:47:11] INFO Takes:1 ms class com.tmg.cms.manager.dao.resourceImage.impl.ResourceImageDaoImpl  load    13230542        [11:07 17:47:11] INFO Takes:0 ms class com.tmg.cms.manager.dao.resourceImage.impl.ResourceImageDaoImpl  load    13230543        [11:07 17:47:11] INFO Takes:1 ms class com.tmg.cms.manager.dao.resourceImage.impl.ResourceImageDaoImpl  load    13230544        [11:07 17:47:11] INFO article.getImage3：/uploadImages/2020/312/02/3NXCRK4U3589_2.jpg13230545        [11:07 17:47:11] INFO Takes:0 ms class com.tmg.cms.manager.dao.resourceImage.impl.ResourceImageDaoImpl  load   13230546        [11:07 17:47:11] INFO Takes:2 ms class com.tmg.cms.manager.dao.privilege.impl.UserDaoImpl       getUserByid     13230547        [11:07 17:47:11] INFO Takes:57 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl     selectSitemapWithoutAudit       [MQ==]  [int]13230548        [11:07 17:47:11] INFO Takes:5 ms class com.tmg.cms.manager.dao.forbidword.impl.ForbidwordDaoImpl        getForbidwordBysiteid   [MjI=]  [int]

Second method: View the logs within the specified time period

First, perform a log query within the range time period and first check whether there is a query within the current day.

grep '11:07 18:29:20' catalina.outgrep '11:07 18:31:11' catalina.out

Query within the time range

sed -n '/11:07 18:29:20/,/11:07 18:31:11/p' catalina.out sed -n '/11:07 18:29:/,/11:07 18:31:/p' catalina.out

第三种方式：查看日志中特定字符的匹配数目

[root@yesky logs]# grep '1175109632' catalina.out | wc -l154

第四种方式：查询最后number行，并查找关键字“结果”

[root@yesky logs]# tail -n 20 catalina.out | grep 'INFO Takes:1'[11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.config.impl.ConfigInfoDaoImpl    load    [11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTkwOTQ5]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzI0]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzI3]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzMw]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzA5NA==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [Mzc4Mg==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [OTM1MA==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MTE5MDMw]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTQ2MzQw]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTg2NzYy]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzYyMjA=]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.configModule.impl.ConfigModuleDaoImpl    getPersonMenuList

第五种方式：查询最后number行，并查找关键字“结果”并且对结果进行标红

[root@yesky logs]# tail -n 20 catalina.out | grep 'INFO Takes:1' --color[11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.config.impl.ConfigInfoDaoImpl    load    [11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTkwOTQ5]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzI0]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzI3]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzMw]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzA5NA==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [Mzc4Mg==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [OTM1MA==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MTE5MDMw]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTQ2MzQw]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTg2NzYy]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzYyMjA=]  [int]

第六种方式：查询最后number行，并查找关键字“结果”并且对结果进行标红，上下扩展两行

[root@yesky logs]# tail -n 20 catalina.out | grep 'INFO Takes:1' --color -a2[11:11 22:02:51] INFO Takes:0 ms class com.tmg.cms.manager.dao.article.impl.ArticleContentDaoImpl    getArticlePageNum   [NzE4MTM2ODky]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.config.impl.ConfigInfoDaoImpl    load    [com.tmg.cms.manager.model.config.ConfigInfo][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTkwOTQ5]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzI0]  [int][11:11 22:02:51] INFO Takes:0 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzI1]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzI3]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzMw]  [int][11:11 22:02:51] INFO Takes:0 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzAzNg==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzA5NA==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [Mzc4Mg==]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [OTM1MA==]  [int][11:11 22:02:51] INFO Takes:0 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MTE0MjQ4]  [int][11:11 22:02:51] INFO Takes:0 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MTE4MDc4]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MTE5MDMw]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTQ2MzQw]  [int][11:11 22:02:51] INFO Takes:0 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTQ3MTIw]  [int][11:11 22:02:51] INFO Takes:0 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTY4OTYx]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [NTg2NzYy]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.sitemap.impl.SitemapDaoImpl    getSitemapTop   [MzYyMjA=]  [int][11:11 22:02:51] INFO Takes:1 ms class com.tmg.cms.manager.dao.configModule.impl.ConfigModuleDaoImpl    getPersonMenuList   [com.tmg.cms.manager.model.config.ConfigPersonMenu]

第七种方式：分页查看，使用空格翻页(使用more/less)

[root@yesky logs]# tail -n 2000 catalina.out | grep 'INFO Takes:1' --color -a2 | more[root@yesky logs]# tail -n 2000 catalina.out | grep 'INFO Takes:1' --color -a2 | less

附加：

• 全屏导航
  ctrl + F - 向前移动一屏
  ctrl + B - 向后移动一屏
  ctrl + D - 向前移动半屏
  ctrl + U - 向后移动半屏

• 单行导航
  j - 向前移动一行
  k - 向后移动一行

• 其它导航
  G - 移动到最后一行
  g - 移动到第一行
  q / ZZ - 退出 less 命令

The above is the detailed content of There are a lot of logs in the Linux server. How to read the logs correctly and quickly locate errors?. For more information, please follow other related articles on the PHP Chinese website!