Evaluate systemd logs using Journalctl

Lead Image © Aloysius Patrimonio, 123RF.com

Finely Filtered

The Journal is a component of systemd that is responsible for viewing and management of log files.

The systemd service Journald creates very comprehensive logs, which allow you to analyze data in a variety of ways. Once you get used to the convenience this affords, you won't even miss the old-style log files.

Better structured

The Journald daemon collects messages from the kernel, initrd, any running services and other available sources and collects them into one place. This results in a massive amount of data compared to the log files you're traditionally used to such as /var/log/messages or /var/log/syslog. You'll also find a huge amount of metadata is included, which can significantly improve your results when searching the Journal.

This also results in a larger amount of data which is tricky to store in traditional text files. This is why the Journald daemon stores this information in binary files. You can read this data, using the command journalctl. If necessary, you can also convert the binary files to other formats for further analysis.


Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF

Pages: 6

Price $2.95
(incl. VAT)

Buy Raspberry Pi Geek

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content