Hi, all.
After recently translating @nevj 's fine howto about transfering a GNU/Linux system to USB, I got into a “flow” and thought, “Hey, why not giving some more back. We have quite some (german) articles in our community…?”
And here I am offering a little Tutorial/Overview about GNU/Linux log files.
I experimented with a format that has both languages in it. Please tell me how you feel about this.
Is it practical? Is it still readable?
Looking forward to opinions (and bug hints of coarse… )
I feel it is readable, and interesting and clever.
There must be quite some number of German documents that you could do this to. And the other way, you could insert German paragraphs into English documents. I like it.
Some little points view is safer than vi for looking at logs or any system file. It is read only.
Some linux distros with Systemd suppress the visible files in /var/log and keep only the systemd log files which are not viewable except thru systemd commands
Some distros ( eg Void) dont keep log files by default.
Could you use colours or italics or something to visually separate paragraphs in the two languages.
And as you may see, I changed the font color of the english paragraphs. Is it still readable? I don’t know, but I think changing that makes it more confusing for readers. Maybe some statements from other readers?
And as you mentioned, I added some chapters to deal with the “brave new world” of systemd/journald/journalctl
But thei are not translated yet.
I once watched, during a webex “tech bridge”, an “engineer” (sarcasm quotes) get stuck figuring out how to exit “vi” (his “script document / cheatsheet” specified to run “view logfile”). I’d never recommend vi (or view) for any newbie…
cat, less, more, tail
I nearly always use, and recommend, less… you can scroll up and down with arrow keys, pgup / down - AND - if you want, use vi navigation keys (including “/” to search!). It’s not always available on shonky old versions of UNIX, but Solaris 11 has “less”, and I’ve never come across any Linux that DIDN’T have it, and NEARLY all of them default to having “less” as your $PAGER (lost count of the times I’d have to type “export PAGER=more” on Solaris servers, “more” a file, press ctrl+C out of it again to find a line that had already scrolled past, ad nauseam, not fun at 3:00 am on dial up).
less can even work like “tail -f” (i.e. keep showing the end of the file as it’s being written) :
e.g. “less /path/to/very-long-logfie” (that’s still being written to) : if you press “F” (i.e. shift F) it will go to the bottom and start showing (or waiting for) any new lines being added to the file in quasi-realtime.
Yes, but we need a utility that can search around in the file, especially to the end. tail maybe. How about tac | less?
or can you find us a newbie friendly read only editor?
Your “engineer” needs a history lesson. It is humanly possible to master vi. The trouble comes from assuming it works like any other editor. It doesnt.
Neville
as I wrote - “less” will let you search in a file… “view” is just an alias (or a symlink) for vi that opens a file read-only…
╭─x@titan ~
╰─➤ which view
/usr/bin/view
╭─x@titan ~
╰─➤ file /usr/bin/view
/usr/bin/view: symbolic link to /etc/alternatives/view
╭─x@titan ~
╰─➤ file /etc/alternatives/view
/etc/alternatives/view: symbolic link to /usr/bin/vim.basic
╭─x@titan ~
╰─➤ file /usr/bin/vim.basic
/usr/bin/vim.basic: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=2ca309b7a6515f720275f5872af1f544841a5708, for GNU/Linux 3.2.0, stripped
╭─x@titan ~
╰─➤ which vi
/usr/bin/vi
╭─x@titan ~
╰─➤ file /usr/bin/vi
/usr/bin/vi: symbolic link to /etc/alternatives/vi
╭─x@titan ~
╰─➤ file /etc/alternatives/vi
/etc/alternatives/vi: symbolic link to /usr/bin/vim.basic
I just realised - my whole point is moot anyway - you still need to use “vi” commands to exit less anyway (I seem to remember the version compiled for Solaris on SunFreeware [which Oracle killed off with a lawyer’s “cease and desist” letter] let you just press Ctrl+c to exit)…
I did not know that. Always wondered why it was ‘better’ than more
I want to try less. You say it does not exit with ‘q’ ?.. needs ‘:q’ or something. Will try. I think that is ok for a newbie… surely they can learn one exit command.
Hi Edgar,
I think you have done well.
I need to try those journalctl commands in my Debian.
Might even learn something
Some points
No english for heading or header of first paragraph
The color for english does work
That dull purple is ideal… it does not want to stand out too brightly
‘cat|more’ you mean cat oder more
I took the | as a pipe
No color for english in systemd section?
Need something at the beginning saying that there are 2 sections to the document dealing with the two approaches to keeping logfiles … text or journal
how does a user look and see whether their Linux has journal or text files? I have seen one system that had both?
There was a debate with Daniel and myself. We ended up agreeing less was safe, easy for beginners, and could search.
I need to test all those journalctl statements . It will take a day or so.
Will get back to you.
Regards
Neville
In my Solus there is a README file in /var/log
nevj@trinity /var/log $ cat README
You are looking for the traditional text log files in /var/log, and they are
gone?
Here's an explanation on what's going on:
You are running a systemd-based OS where traditional syslog has been replaced
with the Journal. The journal stores the same (and more) information as classic
syslog. To make use of the journal and access the collected log data simply
invoke "journalctl", which will output the logs in the identical text-based
format the syslog files in /var/log used to be. For further details, please
refer to journalctl(1).
Alternatively, consider installing one of the traditional syslog
implementations available for your distribution, which will generate the
classic log files for you. Syslog implementations such as syslog-ng or rsyslog
may be installed side-by-side with the journal and will continue to function
the way they always did.
Thank you!
Further reading:
man:journalctl(1)
man:systemd-journald.service(8)
man:journald.conf(5)
http://0pointer.de/blog/projects/the-journal.html
nevj@trinity /var/log $
At least they were polite about it
That is a “pipe”. Just as example how not to do it… (was in the original source text)
That was intentional, until someone would say it’s OK (like you) or not. But I switch it for the next version.
Added that. Just a brief sentence, wanted not to bloat the document…
I don’t know. Any idea how to check this (in an easy way)?
I write “The less command is very powerful to browse log files.”. Or is there more to say?
I updated the file.
I’m still not convinced, that it is a good idea to have both languages in one file…
The longer I work on it, the more I think, we should seperate it into two documents.
Sure, there are advantages like I have to edit only one file, but meanwhile there are 19 pages and it starts to get irritating…
What do you all mean? Is this “experiment” going well? How do you feel about reading this? How do you experience the flow of reading, when every other paragraph is in another language?
)