F20 System Wide Change: No Default Syslog
John.Florian at dart.biz
John.Florian at dart.biz
Wed Jul 17 14:38:46 UTC 2013
> From: m.a.young at durham.ac.uk
>
> On Wed, 17 Jul 2013, Lennart Poettering wrote:
>
> > "cat /var/log/messages" becomes "journalctl"
> > "tail -f /var/log/messages" becomes "journalctl -f"
> > "tail -n100 /var/log/messages" becomes "journalctl -n100"
> > "grep foobar /var/log/messages" becomes "journalctl | grep foobar"
> >
> > This isn't complex. You can grep/sed/awk as much as you want. You just
> > do it over the output of journalctl rather than teh file. That's not
> > that big a difference.
>
> One thing you have missed is how you edit the log file. There may be
cases
> where you want to strip out log entries, eg. when a process has gone
wild
> and swamped the useful messages with useless ones and you want to keep
the
> useful ones and throw away the useless ones.
I used to do something like this with vim ":g/NOISE/d" until I could see
the detail I wanted when the alternations for grep would have been
tremendously long. With journalctl's built-in filtering capabilities I'm
glad I don't have to do that anymore; it's way more concise. However, all
use cases differ, so if you must, you can: "journalctl | vim -". YMMV
with other editors though.
--
John Florian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130717/bec9ece5/attachment.html>
More information about the devel
mailing list