At some point in your career as a Software Tester or a System Admin, you’d be required to view log files.

After all, they are there for one very important reason…to help you troubleshoot an issue. In fact, every seasoned tester will immediately tell you that the first thing to be done, when a problem arises, is to view the logs.

And there are plenty of logs to be found: logs for the system, logs for the kernel, for package managers, for Xorg, for the boot process, for Apache, for MySQL… For nearly anything you can think of, there is a log file.

Viewing huge log files for trouble shooting is a mundane routine tasks for anybody and so much time is spent if you start going through it line by line.

Instead Unix/Linux gives you a lot of good commands, through the command line features that you can use to view and troubleshoot through your log files.

Using GREP Command

The grep command is single-handedly one of the most common and useful commands when it comes to viewing or reviewing or troubleshooting the log files. Since the command is universal across various unix distributions, you can use this on any unix based systems.

grep can be configured with a whole lot of options for viewing contents of a file or a log file in general.

Let’s get a log file that contains some error. I recently ran a npm library and some commands and it returned me an error which was then logged in the log file. Let’s use that

2017-09-23_1358

Now here I want to search for all the lines that contain the word error. We can use grep command to search this by passing the filename and the search string to the command

grep error /Users/zac/.npm/_logs/2017-09-23T08_28_33_918Z-debug.log

which outputs this

2017-09-24_1214

If you want to ignore the case, then you have to pass a parameter -i which tells grep to ignore the case. In this case error, Error, ERROR would be considered the same.

grep -i error /Users/zac/.npm/_logs/2017-09-23T08_28_33_918Z-debug.log

In case you want to search recursively i.e read all files under each directory for a string “abcd”, you can add the -R parameter in your grep command

This would give an output like this

2017-09-24_1250

You will see result for string on a separate line preceded by the name of the file in which it was found. The inclusion of the file names in the output data can be suppressed by using the -h option as follows:

grep -h -R error /Users/zac/.npm/_logs/2017-09-23T08_28_33_918Z-debug.log

2017-09-24_1254

In it’s normal format grep will match all the substrings of the word too. So if you search for error you will also match error12, error34, fooerror etc. In order for grep to ignore all this, and only match error word , you can add a -w flag

grep -w "boo" file_name/filepath

Multiple Words In Single Command

 

egrep gives you the freedom of searching for more than a single string in a single command. In order to search for two separate words error and node in a single command, you’d do

egrep -w error|node /path/to/file

Count Lines When Words Have Been Matched

 

grep can report the number of times that the pattern has been matched for each file using -c (count) option:

grep -c -w 'word' /path/to/file

Pass the -n option to precede each line of output with the number of the line in the text file from which it was obtained

grep -c -n 'word' /path/to/file

2017-09-24_1306

 

To List All Files Matching a word

 

If you want to list all files that contain a specific word then you can do it using grep with the -l flag.

grep -l 'error' *.log

will list all the log files that contain the word error.

 

Using CAT command

 

If you want to view all the contents of a file on the terminal, you can use the cat command to achieve this using

cat filename.txt

 

Displaying First N number of lines

 

If you want to display first N number of lines from your log file, you can use the head command with the N number of lines that you want to see.

For example, I want to see first 15 lines from one of my files, so I will write this

head 15 filename.txt

On the other hand, if you want to see all lines of files, except the last N lines, then you need to pass a similar command, which will return all lines of files, except the last N lines in the file

head -15 filename.txt returns all the lines of files, except the last 15 lines.

2017-09-24_1319

2017-09-24_1320

These two images show the difference between the two head commands that are mentioned above. The first one shows only first 15 lines in file, while the second one shows all contents of file, except the last 15 lines.

 

Displaying Last N number of lines

 

Similarly as with the head command, you can use the tail command to view the last N lines of a file.

If you want to see the last 5 lines of a file, you’d do

tail -n 5 filename

or

tail 5 filename

2017-09-24_1335

If you want to ignore last N-1 lines from the file, you can use tail command as

tail -n +N filename

In this way you can use the various commands – grep, cat, head , tail for retrieving information from you log file.

If you want more information about these commands and what else you can do with these commands, you can use this link, which has much more information about these commands.