Open in app

Sign in

Write

Sign in

Logging with Journalctl

Snekhasuresh
featurepreneur
Published in
2 min readOct 11, 2022

Are you worried about your systems’ updates? Do you want to store and log everything you work on your system? Well, Linux has the answer for you! Journalctl.

Journalctl is the command line tool that lets you interact with the journal logs.

With journalctl, you can read logs, monitor the logs in real-time, and filter the logs based on time, service, severity and other parameters.

Check if journal logs are enabled on your system

Some Linux distributions, especially the desktop ones, don’t enable the journal logs by default.

The default location of journald logs is /var/log/journal the directory. You should make sure that this directory exists. If not, create it yourself.

Next, in the /etc/systemd/journald.conf file make sure that the value Storage is set to either auto or persistent.

The journald.conf file shows the default values. So even if there is a # in front of the entries, it means those are the default settings being used. If you want to change anything, you remove the # from that line.

Read your logs with journalctl

If you just type journalctl in the terminal, it will show the journal logs in chronological order.

journalctl

Logs in the reverse order

The logs are shown in chronological order in the previous command. This means the oldest stored logs are displayed first.

If you want to see the recent logs first, you can display the journal logs in reverse order with the option -r:

journalctl -r

Display only N recent lines of journal logs

Instead of showing all logs, you can choose to display only a certain number of lines from log using the -n option.

For example, the command below will display the most recent 50lines of the logs:

journalctl -n 50

Filter logs for a certain time interval

This is another example of the string-filtering capability of journal logs. You can filter logs for a certain time period and there are various ways to do that.

You may use natural language to filter the logs. Terms like yesterday, today and tomorrow are recognized.

journalctl --since=yesterday --until=now

You can also specify a date or date time combination:

journalctl --since "2022-10-07"

Enjoy logging with journalctl by your side!

Hope this article for useful for you!

--

--

Snekhasuresh
featurepreneur

Written by Snekhasuresh

14 Followers
Writer for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams