Results 1 to 6 of 6

Thread: Understanding logs

  1. #1
    6205 NNTP User

    Default Understanding logs


    When i look into linux logs it's not like Event viewer in Windows
    because i don't know what is error, what is warning or only
    information..

    These logs are mess and there in no eventlog-like online knowledge base
    to fix/resolve particullar errors(events)

    Compare this http://img212.imageshack.us/img212/9...razovkaqe7.png
    with this http://img386.imageshack.us/img386/8004/acpicg7.jpg

    Is there somewhere some useful site or knowledge base for fixing
    issuses and clean logs from various errors or it is hopeless? Please
    don't tell my that i must Google for every strange line in logs. I was
    used to tweak my Vista to perfection and resolve all issues in Even
    Viewer, mostly with help of Event viewer online KB, but this is probably
    utopia in linux...


    --
    6205
    ------------------------------------------------------------------------
    6205's Profile: http://forums.opensuse.org/member.php?userid=2283
    View this thread: http://forums.opensuse.org/showthread.php?t=404401


  2. #2
    ken yap NNTP User

    Default Re: Understanding logs


    Unfortunately each message can only be understood in the context of the
    processes and circumstances that generated it. Don't imagine that every
    problem can be automatically classified and explained by software. So
    Google doesn't rule everywhere yet, there is still a use for these
    forums. So perhaps you might like to be more specific and start a new
    thread explaining what it is you are trying to achieve and what is not
    happening.


    --
    ken_yap
    ------------------------------------------------------------------------
    ken_yap's Profile: http://forums.opensuse.org/member.php?userid=221
    View this thread: http://forums.opensuse.org/showthread.php?t=404401


  3. #3
    6205 NNTP User

    Default Re: Understanding logs


    Hm...there is nothing particular what i want to achieve. It was only a
    question, if there are some easy ways how to distinguish various
    messages from logs and so on. Fox example a few recent lines from
    /var/log/messages gives me creeps :/ Hopefully will my new desktop from
    HP not die anytime soon...

    btw. i have standard GNOME 32bit installation with only packman extra
    repository and pc is HP dc7900SFF

    Jan 8 11:14:44 home-desktop kernel: pan0: Dropping NETIF_F_UFO since
    no NETIF_F_HW_CSUM feature.
    Jan 8 11:14:44 home-desktop bluetoothd[4273]: bridge pan0 created
    Jan 8 11:14:45 home-desktop ifup: pan0
    Jan 8 11:14:45 home-desktop bluetoothd[4273]: Starting experimental
    netlink support
    Jan 8 11:14:46 home-desktop bluetoothd[4273]: Failed to find Bluetooth
    netlink family
    Jan 8 11:14:46 home-desktop ifup: No configuration found
    for pan0
    Jan 8 11:14:46 home-desktop bluetoothd[4273]: Registered interface
    org.bluez.Service on path /org/bluez/4273/any
    Jan 8 11:14:46 home-desktop bluetoothd[4273]: Parsing
    /etc/bluetooth/audio.conf failed: No such file or directory
    Jan 8 11:14:46 home-desktop kernel: Bluetooth: SCO (Voice Link) ver
    0.6
    Jan 8 11:14:46 home-desktop kernel: Bluetooth: SCO socket layer
    initialized
    Jan 8 11:14:46 home-desktop bluetoothd[4273]: Parsing
    /etc/bluetooth/input.conf failed: No such file or directory
    Jan 8 11:20:38 home-desktop checkproc: checkproc: cannot stat
    /usr/bin/pand: No such file or directory
    Jan 8 11:20:38 home-desktop checkproc: checkproc: cannot stat
    /usr/bin/dund: No such file or directory
    Jan 8 11:44:19 home-desktop smartd[3959]: Device: /dev/sda [SAT],
    SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 73 to
    74
    Jan 8 11:44:19 home-desktop smartd[3959]: Device: /dev/sda [SAT],
    SMART Usage Attribute: 194 Temperature_Celsius changed from 73 to 74
    Jan 8 11:44:19 home-desktop smartd[3959]: Device: /dev/sda [SAT],
    SMART Usage Attribute: 200 Multi_Zone_Error_Rate changed from 253 to
    100
    Jan 8 11:49:11 home-desktop kernel: [drm:i915_getparam] *ERROR*
    Unknown parameter 5
    Jan 8 11:53:47 home-desktop kernel: [drm:i915_getparam] *ERROR*
    Unknown parameter 5
    Jan 8 12:14:08 home-desktop syslog-ng[1932]: Log statistics;
    dropped='pipe(/dev/xconsole)=0', dropped='pipe(/dev/tty10)=0',
    processed='center(queued)=174', processed='center(received)=129',
    processed='destination(newsnotice)=0', processed='destination(acpid)=0',
    processed='destination(firewall)=17', processed='destination(null)=0',
    processed='destination(mail)=4', processed='destination(mailinfo)=4',
    processed='destination(console)=10', processed='destination(newserr)=0',
    processed='destination(newscrit)=0',
    processed='destination(messages)=108',
    processed='destination(mailwarn)=0',
    processed='destination(localmessages)=4',
    processed='destination(netmgm)=0', processed='destination(mailerr)=0',
    processed='destination(xconsole)=10', processed='destination(warn)=17',
    processed='source(src)=129'
    Jan 8 12:14:19 home-desktop smartd[3959]: Device: /dev/sda [SAT],
    SMART Prefailure Attribute: 1 Raw_Read_Error_Rate changed from 253 to
    100
    Jan 8 12:23:13 home-desktop kernel: [drm:i915_getparam] *ERROR*
    Unknown parameter 5
    Jan 8 12:23:13 home-desktop kernel: [drm:i915_getparam] *ERROR*
    Unknown parameter 5
    Jan 8 12:33:13 home-desktop kernel: [drm:i915_getparam] *ERROR*
    Unknown parameter 5

    I really miss badly Event Viewer, because i don't know what is what
    Anyway i will propably ignore all those confusing lines..


    --
    6205
    ------------------------------------------------------------------------
    6205's Profile: http://forums.opensuse.org/member.php?userid=2283
    View this thread: http://forums.opensuse.org/showthread.php?t=404401


  4. #4
    ken yap NNTP User

    Default Re: Understanding logs


    Most of them are just normal information messages. It's probably more
    useful to look at them when you actually have a problem, than to go
    looking at logs without any goal.


    --
    ken_yap
    ------------------------------------------------------------------------
    ken_yap's Profile: http://forums.opensuse.org/member.php?userid=221
    View this thread: http://forums.opensuse.org/showthread.php?t=404401


  5. #5
    Odin NNTP User

    Default Re: Understanding logs

    > I really miss badly Event Viewer, because i don't know what is what
    > Anyway i will propably ignore all those confusing lines..


    I have used Linux (exclusively) for years, and that is exactly what I
    do (ignore the logs):

    If it works, don't fix it!

  6. #6
    Kevin Miller NNTP User

    Default Re: Understanding logs

    6205 wrote:
    > When i look into linux logs it's not like Event viewer in Windows
    > because i don't know what is error, what is warning or only
    > information..
    >
    > These logs are mess and there in no eventlog-like online knowledge base
    > to fix/resolve particullar errors(events)
    >
    > Compare this http://img212.imageshack.us/img212/9...razovkaqe7.png
    > with this http://img386.imageshack.us/img386/8004/acpicg7.jpg
    >
    > Is there somewhere some useful site or knowledge base for fixing
    > issuses and clean logs from various errors or it is hopeless? Please
    > don't tell my that i must Google for every strange line in logs. I was
    > used to tweak my Vista to perfection and resolve all issues in Even
    > Viewer, mostly with help of Event viewer online KB, but this is probably
    > utopia in linux...


    It's funny that you say that. Event viewer drives me nuts. As often as
    not, the kb article the message refers to is either non-existant, or
    worthless as side pockets on a pig. And the tiny little window is hard
    to read. But to each his own.

    If you go to /var/log/ and look at the files in it you'll see that
    things aren't so bad as they seem at first. messages is a sort of
    catch-all for most system messages that come down the pike. In addition
    to it, you'll see files that are specifically for error or warning
    messages such as warn or messages. Similarily, the mail system will
    have mail.info, mail.err and mail.warn.

    Do some research on syslog for a better understanding of how the logging
    system works. It's actually quite flexible, allowing each program to
    have it's own output logs so you don't have everything in one of three
    like a default windows system. For instance, you'll find web server
    logs in /var/log/apache2/.

    Also, look into tools such as logdigest, which allow you to filter out
    the boring informational messages and present a file w/the "interesting"
    entries. And, of course, there's grep and regular expressions for some
    high powered searching capabilities. Once you learn a bit more about
    it, I think you'll find it is very powerful and flexible. It is
    somewhat daunting at first though...

    ....Kevin
    --
    Kevin Miller
    http://www.alaska.net/~atftb
    Juneau, Alaska
    Registered Linux User No: 307357, http://counter.li.org

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •