Many Linux servers are administered on the commandline e.g. with an SSH connection. In the following article, I will explain several shell commands that make it easy to view logfiles.
Get the last N lines of a log file
The most important command is "tail". Tail can be used to read the last lines from a file. Examples:
Get the last 100 lines from the Debian mail log file:
tail -n 100 /var/log/mail.log
Get new lines from a file continuously
To get all newly added lines from a log file in realtime on the shell, use the command:
tail -f /var/log/mail.log
to quit tail and go back to the command line press the keys [ctrl] + [c]
Get the result line by line
If you want to get the last 1000 lines from a log file and they do not fit into your shell window, you can use the command "more" to be able to view them line by line.
tail -n 1000 /var/log/mail.log | more
press [space] to go to the next line or [ctrl] + [c] to quit.
Search in a log file
If you want to search for a specific term in a large file, the command "grep" comes in handy. Example: We search for the email address "firstname.lastname@example.org" in the mail log file:
grep "email@example.com" /var/log/mail.log
To store the result of the above grep command into a file named result.txt, use this command:
grep "firstname.lastname@example.org" /var/log/mail.log > /tmp/result.txt
View the whole content of a file
If you want to view the whole content of a file on the shell, use the command "cat". Example:
will show you detailed info about the CPU of your computer.