Linux live log files

To watch Linux live log files can help you a lot while debugging or fault finding your system. I personally use this technique to watch the access log files. With public servers on the internet there will be attacks against your servers. Everything from random brute force attacks, to specific attacks against your user accounts and applications.

Anyway, to watch linux live log files we use a command called tail. Tail simply just output the last part of a file. If you try tail /var/log/apache2/access.log, your output will be something like this:
root@web:~# tail /var/log/apache2/access.log
184.91.251.157 – – [04/Jun/2016:17:54:33 +0200] “-” 408 0 “-” “-“
180.47.2.10 – – [04/Jun/2016:17:54:54 +0200] “-” 408 0 “-” “-“
41.47.255.110 – – [04/Jun/2016:19:26:19 +0200] “-” 408 0 “-” “-“
188.191.165.78 – – [04/Jun/2016:21:26:18 +0200] “-” 408 0 “-” “-“
186.119.84.137 – – [04/Jun/2016:23:15:55 +0200] “-” 408 0 “-” “-“
5.139.232.70 – – [04/Jun/2016:23:16:12 +0200] “-” 408 0 “-” “-“
99.95.169.97 – – [04/Jun/2016:23:21:38 +0200] “-” 408 0 “-” “-“
81.141.159.210 – – [04/Jun/2016:23:21:39 +0200] “i!/\xb0t\xa7\b@\x1f\xddE\xa9” 501 298 “-” “-“
88.243.202.238 – – [04/Jun/2016:23:26:17 +0200] “-” 408 0 “-” “-“
73.53.219.166 – – [05/Jun/2016:00:13:52 +0200] “-” 408 0 “-” “-“

This will just print the last 10 entries to access.log and quit the tail command. If you only need the last line of the log file, you can use the -n option with the tail command. If you type tail -n 1 /var/log/apache2/access.log, the output will be something like this:
73.53.219.166 – – [05/Jun/2016:00:13:52 +0200] “-” 408 0 “-” “-“

Like before the tail command will display the log information, and then quit.

The most useful option if we want to keep an eye of the log files live, is the option -f. -f means follow.

If you type in tail -f /var/log/apache2/access.log, it will display the last 10 lines of the log file. Then it will stay open, and not quit like before and display new log file entries as they are appended into the log file. In the above example that means every time a user is visiting your web server they tail command will output the log file entries live.

That is how you can watch Linux live log files.

You can read more about the tail command here http://www.computerhope.com/unix/utail.htm

Happy logging!

About Author

ronny

See author's posts

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Linux live log files

About Author

Related Posts

Leave a Reply Cancel reply