Sign In
Sign In

How To Use Journalctl to View and Manipulate Systemd Logs

How To Use Journalctl to View and Manipulate Systemd Logs
Adnene Mabrouk
Technical writer
Linux
30.07.2024
Reading time: 5 min

Systemd, the init system and service manager for Linux, introduced a centralized logging system called the Journal. This system collects and stores logs in a binary format, which can be accessed and managed using the journalctl command. Unlike traditional log files scattered across /var/log, systemd's journal offers a structured approach to logging, providing richer metadata and more powerful querying capabilities.

Syntax and Basic Usage

The journalctl command is the primary interface for accessing system logs stored in the systemd journal. Its basic syntax is straightforward:

journalctl [OPTIONS] [MATCHES...]

By default, journalctl displays logs from the current boot session. Here are some essential options:

  • -b: Show logs from a specific boot.

  • -u UNIT: Show logs for a specific systemd unit.

  • -p PRIORITY: Show logs with a specific priority level.

  • -n NUM: Limit the number of log lines displayed.

Filtering and Querying Logs

One of the strengths of journalctl lies in its powerful filtering capabilities. You can filter logs based on various criteria such as time, priority, systemd unit, and more:

journalctl --since "2023-01-01 00:00:00" --until "2023-01-01 12:00:00"
journalctl -p err -b
journalctl -u nginx.service

These commands respectively filter system logs by time range, by error priority level from the current boot, and by the nginx systemd unit.

Viewing Logs for Specific Units

To inspect logs related to specific service of systemd, use the -u option followed by the unit name:

journalctl -u sshd.service

This command displays logs specifically for the sshd service, aiding in pinpointing issues related to that particular unit.

Advanced Features and Options

Beyond basic filtering, journalctl offers advanced features to refine your log analysis:

  • Output Formatting: Customize the output using options like --output to display logs in different formats (e.g., json, short, verbose).

  • Follow Mode: Watch logs in real-time as new entries are added (-f or --follow).

  • Data Export: Export logs to a file for further analysis or sharing.

These features empower administrators and developers to efficiently monitor system behavior and diagnose issues promptly.

Persistent Logging

By default, systemd's journal logs are stored in a volatile manner, meaning they are lost upon reboot. To ensure logs persist across reboots, you need to configure persistent logging. This involves creating a directory /var/log/journal, which systemd will use to store logs persistently:

sudo mkdir -p /var/log/journal
sudo systemd-tmpfiles --create --prefix /var/log/journal
sudo systemctl restart systemd-journald

With this setup, logs will be retained across system reboots, making it easier to track long-term issues and historical data.

Log Rotation and Compression

The journal can consume a significant amount of disk space over time. Systemd provides built-in log rotation and compression to manage disk usage efficiently. You can configure these settings in the /etc/systemd/journald.conf file. Key parameters include:

  • SystemMaxUse: The maximum disk space the journal may use.

  • SystemKeepFree: The amount of disk space that should remain free.

  • SystemMaxFileSize: The maximum size of individual journal files.

  • Compress: Whether to compress archived journal files.

Adjust these parameters according to your system's requirements to balance log retention and disk usage.

Security and Access Control

The systemd journal provides mechanisms to control who can read the logs. By default, only users in the systemd-journal group can access the full logs. You can add a user to this group using:

sudo usermod -aG systemd-journal <username>

This ensures that sensitive log data is protected and only accessible to authorized personnel. Additionally, logs can be encrypted to enhance security, which is particularly useful in environments with stringent data protection requirements.

Analyzing Boot Performance

journalctl can also help analyze system boot performance, identifying potential bottlenecks and issues during startup. Using the -b option with -1, -2, etc., you can view logs from previous boot sessions:

journalctl -b -1

To further break down the boot process, use the systemd-analyze command, which integrates with journalctl to provide a detailed timeline of the boot sequence.

Integrating with Monitoring Tools

For comprehensive system monitoring, journalctl can be integrated with various monitoring and alerting tools like Nagios, Zabbix, and Prometheus. These integrations allow for real-time log analysis and alerting, ensuring that critical issues are detected and addressed promptly. Tools like fluentd or Logstash can be used to forward journal logs to a centralized logging system, facilitating easier analysis and correlation with other logs and metrics.

Conclusion

Mastering journalctl is crucial for effective system administration and troubleshooting on modern Linux distributions using systemd. Its centralized and structured approach to logging, coupled with robust filtering and querying capabilities, streamlines the process of diagnosing problems and monitoring system health. By utilizing the techniques and commands outlined in this guide, you can gain deeper insights into your system's operation, ensuring smooth and reliable performance over time. Whether you're an experienced sysadmin or a Linux enthusiast, journalctl remains an indispensable tool in your toolkit for managing systemd logs effectively.

You can buy Linux VPS for your projects on Hostman. 

Linux
30.07.2024
Reading time: 5 min

Similar

Linux

How to Partition and Format Disk Drives on Linux

Before learning how to create and format a partition, we must know what a partition is. First, think of it this way, if you need to run multiple operating systems on one computer or you have different types of raw data that need a huge space and you want to categorize it while storing it on your computer then you will be needing multiple partitions. A partition is merely a specified closed space on a disk that acts as a storage container. This storage container can be called a separate disk and stores data and information. One disk can be divided into multiple partitions based on the requirements.Partitioning is the process of dividing a physical storage device into separate sections, allowing each to function as an independent drive. This is useful for organizing data, dual-booting multiple operating systems, or ensuring system stability by keeping user files separate from system files. Formatting, on the other hand, prepares a partition for use by creating a filesystem, such as ext4, NTFS, FAT32, or XFS, making it readable and writable by the OS. If you're working with Linux, you may need to partition or format a drive when installing a new hard disk, setting up a USB drive, or troubleshooting storage issues. Fortunately, Linux offers various tools for these tasks, ranging from user-friendly GUI applications like GParted to powerful command-line utilities like fdisk, parted, and mkfs. In this guide, we'll walk you through the entire process of partitioning and formatting a drive on Linux, covering both GUI and terminal-based methods for Linux. Whether you're a beginner looking for an easy way to manage storage or an advanced user needing precise control over partitions, this guide has you covered. Method 1: Partitioning and Formatting Using the GUI (GParted) 1. Install Gparted First off, you need to install Gparted which is a great tool when it comes to creating partitions and formatting them.  Make certain that your repository is refreshed and up to date. sudo apt update For Debian Based Linux: sudo apt install gparted For Fedora Linux: sudo dnf install gparted For Arch Linux: sudo pacman -S gparted 2. Launch Gparted After Gparted has been installed, you can either launch it from the terminal or find it in the Apps section on your Linux OS: To launch it from the terminal, use: sudo gparted 3. Choose Your Drive Within the interface of Gparted, click in the right top corner on the pointed box. Now, two options will appear: /dev/sda /dev/sdb Select /dev/sdb which appears as your secondary drive. Be careful before making any changes to /dev/sda, as it is typically your main system drive. 4. Create, Delete, and Format Partitions First off, let's start by looking at how to delete a partition, which is quite straightforward in GParted. Select the /dev/sdb and then right-click on it and you will see the option to delete it. Clicking the highlighted Delete option will mark the selected partition for deletion. You’ll need to apply the changes to finalize it. If you need to create a new partition then simply right-click on the unallocated space and you will see an option that says New. Choose the desired size for the new partition, and more importantly, select a suitable file system. In most cases, ext4 is recommended for Linux systems due to its stability and wide support. However, if you're creating a partition for use with Windows, you might prefer NTFS, or FAT32 for USB drives that need cross-platform compatibility. I’ll keep the size the same but I’ll adjust the label as Hostman D.  Now comes the key step, formatting the partition. Right-click on the new partition, select Format to, and choose the same file system you selected earlier, such as ext4, FAT32, or NTFS. The format you choose should align with how you plan to use the drive, ext4 for Linux systems, NTFS for Windows compatibility, or FAT32 for broader device support. 5. Apply Changes To apply the changes, click on the tick icon as shown in the screenshot. A pop-up will appear that prompts you to confirm applying  these changes. Click Apply. You will see a success window confirming that the changes have been made. Method 2: Partitioning and Formatting Using the Terminal Now let’s look at how to handle partitioning, formatting, and mounting using the terminal, a more hands on approach suited for those comfortable with command line tools. 1. Identify Your Disk Before starting, make sure to list all connected disks and identify the one you plan to work with. To do that, run the following command: lsblk Or run the fdisk command: sudo fdisk -l I will work with the disk /dev/sdb. Now, let’s head towards the next step to make a partition. 2. Partition the Drive It's very simple to partition the drive using fdisk.  sudo fdisk /dev/sdb Once you run the above command it will open the fdisk menu where you can type in different letters for different actions such as n can be used for creating a new partition, p to display the partition table, d for deletion, and w for write and exit. To create the partition, use n: To print the partition table, use p: To delete the partition, use d: To write changes and exit, use w: If you are using GUID partition tables then use the parted command with sudo: sudo parted /dev/sdb 3. Format the Partition After the partitions have been created, you can format them according to the file system required. For ext4 (Linux systems): sudo mkfs.ext4 /dev/sdb5 For NTFS (Windows compatibility): sudo mkfs.ntfs /dev/sdb5 For FAT32 (USB drives, older systems): sudo mkfs.vfat -F 32 /dev/sdb5 4. Mount the Partition Create a mount point: sudo mkdir /mnt/mydrive Mount the partition: sudo mount /dev/sdb5 /mnt/mydrive 5. Auto-Mount at Boot  If you want to auto-mount at the start-up, you need to first acquire UUID: sudo blkid Then, add it to /etc/fstab: UUID=your_uuid /mnt/mydrive ext4 defaults 0 2 Simply press CTRL+O to write out and save, then press CTRL+X to exit from the nano editor. Conclusion Either for creating partitions or formatting the disk, managing disks is a great skill to have up your sleeves. Fundamentally, Windows and Mac OS have a graphical user interface where you can create partitions and format them while Linux provides you the flexibility to do so from the terminal. You can also use the GUI option in Linux to do essentially the same thing. It’s not impossible though to create partitions and format them in Windows and Mac OS from the command line but the popular and heavily used option is the GUI choice by Windows and Mac OS users. Creating partitions within Linux is a top skill when it comes to Linux administration tasks. Even if you are a general Linux user, this could be an interesting area to explore. If you are not familiar with creating, deleting, and formatting partitions then this article could be your guide to understand these concepts in a simple way. We have followed two approaches, one where we used the graphical user interface and a tool called Gparted, and the second approach where we do and handle everything inside the terminal. The main ease comes from knowing that you can format the partition to any file system you choose like NTFS, ext4 etc. We have talked about them in significant detail in this article and we have discussed how to format your partition with one of the many file systems. 
26 May 2025 · 6 min to read
Linux

How to Create a Text File in Linux Terminal

In Linux, you can access and edit text files using a text editor that is designed to work with plain text. These files are not specifically coded or formatted. Linux allows one to create a file in numerous ways. The fastest is, probably, Linux Command Line or Terminal. For all users—especially server administrators—who must rapidly generate text files, scripts, or configuration files for their work, this is a very important ability. Let's proceed to the guide on four standard techniques for creating a text file on the terminal. Prerequisites for File Creation in Linux Ensure these prerequisites are met before generating files in a Linux environment using the command-line interface: Access to a Functional Linux System: You must either have a Linux-based operating system installed on your computer or secure access to a Linux server via SSH (Secure Shell) protocol. Operational Terminal Interface: Confirm that your terminal application is accessible and fully operational. The terminal serves as your primary gateway to executing commands. Adequate User Permissions: Verify you can create files within the chosen directory. You may need to use sudo (for directories with access restrictions) to escalate privileges. Fundamental Commands Proficiency: You must get familiar with essential commands, such as touch for file creation, echo for printing text, cat for viewing file contents, and text editors like nano, vim, or vi for editing files directly. Text Editing Utilities: Ensure your system includes text editing tools: nano for command line simplicity, vim for advanced configurations, or graphical options like gedit for user-friendly navigation. Directory Management Expertise: Develop familiarity with directory navigation commands like cd for changing the working directory and ls for listing directory contents. This knowledge streamlines your workflow and avoids potential errors. Using the touch Command Generally, we use the touch command to create empty files and change timestamps. It will create an empty file if it doesn't exist already.  To create a text file in the current directory with the touch command: Open your terminal emulator. Type the command: touch filename.txt Change "filename" to your desired name. The timestamps for access and modification will be updated without changes in file content if the file exists already. Otherwise, an empty file is created with a given name.  Press Enter—if it is successful, there will be no output. Use the ls command to list the directory content and verify file creation. Using the echo Command Redirection The echo command is widely used to display text on the terminal. But its capabilities go beyond that; it may also be used to write content to a file or create an empty file. For this, combine the echo command with double redirect symbols (you can also use a single >) and the desired filename. A text file can be created by redirecting the output of the echo command to a file. See how it works: Open your terminal emulator. Type the command: echo “Your text content here” > filename.txt Replace the text in double quotations (do not delete them) with yours to add it to the file.  After you press Enter, your text will be added to the file filename.txt. It will overwrite an existing file, if there is one. Otherwise, it will just create a new one. Press Enter. To verify that the file has been created and contains the desired content, use cat command to display the content.  Using the cat Command Redirection In Linux, the cat command is mostly used to concatenate and show file contents. It can, however, also be used to generate a text document by redirecting the standard output of cat to a file. Open your terminal emulator. Type the following command: cat > filename.txt Replace filename.txt with the name for your text file. This command instructs cat to receive input rom the terminal and to redirect it into the filename.txt. Press Enter. The terminal will be waiting for input.  Enter the text you want in the file. Press Enter after each line. Press Ctrl + D when you are done. This signals the end of input to the cat and saves the content.  Run the cat command to check that the file has been created and contains the desired content. Start using Hostman efficient S3 storage Using printf for Advanced File Creation The printf utility is a powerful alternative to echo, offering enhanced formatting options for structuring text. It allows users to create files with precisely formatted content. Open the terminal. Use printf to define the text layout, incorporating formatting elements like newlines (\n) or tabs (\t). Redirect the output to a file using the > operator. Example: printf "First Line\nSecond Line\nIndented\tThird Line\n" >  formatted_file.txt Run the cat command to inspect the file's content and ensure the formatting matches expectations. Append Without Overwriting: To add content to an existing file without overwriting its current data, replace > with the append operator >>: printf "Additional content here.\n" >> formatted_file.txt Using a Text Dditor You can also create new files in linux text editors. There is always at least one integrated command-line text editor in your Linux distribution. But you can choose and install a different one according to your preferences, for example, Vim, Nano, or Emacs. Each of them has its own features and advantages. Vim vim, which stands for "Vi IMproved," is a very flexible and adaptable text editor. It is well-known for its modal editing, which allows for distinct modes for various functions like text entry, navigation, and editing. It allows split windows, multiple buffers, syntax highlighting, and a large selection of plugins for extra features. To create a text file using vim, follow the steps below: Open vim, with the desired filename as an argument. Press i to switch to Insert mode. Start typing and editing the filename.txt.  To save and exit, press Esc to ensure that command mode is running. Type: wq (write and quit) and press Enter. Nano nano is ideal for short adjustments and straightforward text files because it is lightweight and requires little setup. It provides support for basic text manipulation functions, search and replace, and syntax highlighting. To create a text file using nano, follow the steps below:  Run nano with the desired filename as an argument. It will open a new buffer for editing the file filename.txt. Start typing and editing the filename.txt.  To save and exit, press Ctrl + O to write the file, confirm the filename, and then press Ctrl + X to exit Nano. Emacs emacs is a powerful and flexible text editor that supports syntax highlighting, multiple buffers, split windows, and integration with external tools and programming languages. To create a text file using emacs, follow the steps below:  Open emacs, with the desired filename as an argument. Start typing and editing the filename.txt.  To save and exit, press Ctrl + X, followed by Ctrl + S to save the file, and then Ctrl + X, followed by Ctrl + C to exit Emacs. Note: If a message states that "VIM command not found", "nano command not found" or "emacs command not found" in Linux, it typically means that the vim, nano or emacs text editor is not installed on the system, or it's not included in the PATH environment variable, which is a list of directories where the operating system looks for executable files. To resolve this, install the text editor first using the command:  apt-get install vim apt-get install nano  apt-get install emacs Gedit An intuitive text editor that supports working with plain text and has syntax highlighting for programming languages. A straightforward graphical interface makes it usable for various tasks, from quick edits to complex document preparation. Open the Gedit Application: Launch Gedit either through the applications menu or by executing the following command in the terminal: gedit example.txt Gedit will create a new file if the specified one does not exist. Input Your Text: Type or paste your desired content into the editor. Save the File: Save your work with Ctrl + S or select File > Save. If creating a new file, specify a filename and a location. Verify: Return to the terminal and confirm the file exists with the ls command or review its content with cat. Linux File Creation Recommendations Ensure you have sufficient permissions to create files in the target directory. If they are insufficient, consider working in a directory where you have full rights (or elevate privileges with sudo). Check if a file with the identical name is already present before using the > operator, as the command will overwrite existing content. To prevent data loss, opt for the append operator >>. Familiarize yourself with the printf, echo, and text editors like vim or nano. These tools will help you reduce errors when working with files in Linux, as well as boost productivity. Use printf for creating files requiring structured content, such as configuration files or scripts with precise formatting needs. Conclusion Now you have acquainted yourself with the fundamental skill of creating a file in Linux using the terminal! Using the Linux command line, several fast and efficient methods exist to create and manage text files. Apply several techniques to meet a different requirement using the touch, echo, cat, printf commands, or text editors like vim, nano, gedit, or emacs. Users can select the method that sufficiently meets their requirements, such as creating empty files, appending text, or significantly modifying material. In summary, any of these methods enable Linux users to easily and quickly handle text files straight from the command line. Hostman offers a reliable managed Linux VPS for your projects.
21 April 2025 · 8 min to read
Linux

Installing and Configuring Grafana

Working with any IT project becomes much easier when the administrator has a wide range of metrics and monitoring data at their fingertips. It's even better when the data is presented in a clear and visual format. This is where tools like Grafana come in — an open-source solution designed to gather information from various sources and consolidate it into visual reports. Grafana supports multiple platforms — Windows, macOS, Linux (including popular distributions like Debian, Ubuntu, CentOS, Fedora, OpenSuse, or RedHat). It can work with databases such as SQLite, MySQL, and PostgreSQL. With so many options, administrators rarely need to adapt the solution to their environment. In this tutorial, we'll go over how to install Grafana, configure it, and work with dashboards. Installing Grafana on CentOS Stream When ordering a Linux VPS, users can install any Linux operating system. Usually, this is one of the common distributions like CentOS or Ubuntu. For this example, we'll assume the OS is already installed and ready for Grafana and other utility programs. Let's import the GPG keys: wget -q -O gpg.key https://rpm.grafana.com/gpg.key sudo rpm --import gpg.key Create a new official repository configuration: sudo nano /etc/yum.repos.d/grafana.repo Add the following content to the file: [grafana] name=grafana baseurl=https://rpm.grafana.com repo_gpgcheck=1 enabled=1 gpgcheck=1 gpgkey=https://rpm.grafana.com/gpg.key sslverify=1 sslcacert=/etc/pki/tls/certs/ca-bundle.crt Install the application: sudo dnf install grafana Enable autostart and launch Grafana: sudo systemctl enable grafana-server sudo systemctl start grafana-server Check the status to ensure Grafana is running: sudo systemctl status grafana-server You should see a message confirming that the service is loaded and active. This step is especially useful if someone previously worked with the server or installed a custom Linux build with bundled utilities. Installing Grafana on Ubuntu The process is similar: we install Grafana from the official repository after preparing the system to trust the source. Run these commands: wget -q -O - https://packages.grafana.com/gpg.key | sudo apt-key add - sudo add-apt-repository "deb https://packages.grafana.com/oss/deb stable main" sudo apt update sudo apt install grafana sudo systemctl enable grafana-server sudo systemctl start grafana-server sudo systemctl status grafana-server Firewall Configuration for Grafana By default, Grafana uses port 3000. Here's how to open it in different firewalls. For iptables: Add the rule: sudo iptables -A INPUT -p tcp --dport 3000 -m state --state NEW -j ACCEPT Save the rules so they persist after reboot: sudo service iptables save Restart iptables to apply changes: sudo systemctl restart iptables For firewalld: firewall-cmd --zone=public --add-port=3000/tcp --permanent systemctl reload firewalld Default Login and Password Grafana uses the default login/password: Username: admin Password: admin If forgotten, reset it with: grafana-cli admin reset-admin-password --homepath "/usr/share/grafana" new_password Data Sources and Plugin Installation Grafana supports numerous data sources: Prometheus, Graphite, OpenTSDB, InfluxDB, and more. It also allows plugin installations to enhance functionality. For example, to install the Zabbix plugin, run: grafana-cli plugins install alexanderzobnin-zabbix-app systemctl restart grafana-server After restart, go to Configuration > Plugins and find Zabbix. After you enable it, you can configure it under Data Sources. This same process applies to other plugins like Grafana PostgreSQL or Grafana Elasticsearch. Working with Grafana Dashboards The core of Grafana is dashboards — sets of panels that visually display data. Users can create their own dashboards by clicking New Dashboard and selecting panel types. Dashboard Types: Graph – multiple metrics in one panel. Stat – single metric graph. Gauge – speedometer-style display. Bar Gauge – vertical bar graph. Table – table with multiple metrics. Text – freeform text. Heatmap – heatmap display. Alert List – list of Grafana alerts. Dashboard List – list of favorite dashboards. You can also display logs from external sources using Grafana Logs, and export/import dashboards for reuse. For advanced control, refer to the official documentation. You can directly edit the grafana.ini file to change: Default ports Log storage paths Proxy settings User access controls Feature toggles Conclusion Grafana is a powerful and flexible monitoring solution. To fully unlock its potential, experiment with dashboards, try manual config via grafana.ini, and explore third-party plugins. As an actively developed project, Grafana remains one of the top data visualization and monitoring tools.
17 April 2025 · 4 min to read

Do you have questions,
comments, or concerns?

Our professionals are available to assist you at any moment,
whether you need help or are just unsure of where to start.
Email us
Hostman's Support