dmesg 可以查看linux 内核信息
dmesg’命令设备故障的诊断是非常重要的。在‘dmesg’命令的帮助下进行硬件的连接或断开连接操作时,我们可以看到硬件的检测或者断开连接的信息。‘dmesg’命令在多数基于Linux和Unix的操作系统中都可以使用。
1. 列出加载到内核中的所有驱动
我们可以使用如‘more’。 ‘tail’, ‘less ’或者‘grep’文字处理工具来处理‘dmesg’命令的输出。由于dmesg日志的输出不适合在一页中完全显示,因此我们使用管道(pipe)将其输出送到more或者less命令单页显示。
root@cdncenter ~]# dmesg |more [ 0.000000] Initializing cgroup subsys cpuset [ 0.000000] Initializing cgroup subsys cpu [ 0.000000] Initializing cgroup subsys cpuacct [ 0.000000] Linux version 3.10.0-693.2.2.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Sep 12 22:26:13 UTC 2017 [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.2.2.el7.x86_64 root=UUID=eb448abb-3012-4d8d-bcde-94 434d586a31 ro crashkernel=auto net.ifnames=0 console=tty0 console=ttyS0,115200n8 [ 0.000000] e820: BIOS-provided physical RAM map: [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdffff] usable [ 0.000000] BIOS-e820: [mem 0x00000000bffe0000-0x00000000bfffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000043fffffff] usable [ 0.000000] NX (Execute Disable) protection: active [ 0.000000] SMBIOS 2.8 present. [ 0.000000] DMI: Alibaba Cloud Alibaba Cloud ECS, BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014 [ 0.000000] Hypervisor detected: KVM [ 0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved [ 0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable [ 0.000000] e820: last_pfn = 0x440000 max_arch_pfn = 0x400000000 [ 0.000000] MTRR default type: write-back [ 0.000000] MTRR fixed ranges enabled: [ 0.000000] 00000-9FFFF write-back [ 0.000000] A0000-BFFFF uncachable [ 0.000000] C0000-FFFFF write-protect [ 0.000000] MTRR variable ranges enabled: [ 0.000000] 0 base 0000C0000000 mask 3FFFC0000000 uncachable [ 0.000000] 1 disabled [ 0.000000] 2 disabled [ 0.000000] 3 disabled [ 0.000000] 4 disabled [ 0.000000] 5 disabled [ 0.000000] 6 disabled [ 0.000000] 7 disabled [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106 [ 0.000000] e820: last_pfn = 0xbffe0 max_arch_pfn = 0x400000000 [ 0.000000] found SMP MP-table at [mem 0x000f0e80-0x000f0e8f] mapped at [ffff8800000f0e80] [ 0.000000] Base memory trampoline at [ffff880000099000] 99000 size 24576 [ 0.000000] Using GB pages for direct mapping [ 0.000000] BRK [0x01fe9000, 0x01fe9fff] PGTABLE [ 0.000000] BRK [0x01fea000, 0x01feafff] PGTABLE [ 0.000000] BRK [0x01feb000, 0x01febfff] PGTABLE [ 0.000000] RAMDISK: [mem 0x35e41000-0x36f18fff] --More--
dmesg | less
2. 列出所有被检测到的硬件
要显示所有被内核检测到的硬盘设备,你可以使用‘grep’命令搜索‘sda’关键词,如下
dmesg |grep sda sd 0:1:0:0: [sda] 584843264 512-byte logical blocks: (299 GB/278 GiB) sd 0:1:0:0: [sda] Write Protect is off sd 0:1:0:0: [sda] Mode Sense: 03 00 00 08 sd 0:1:0:0: [sda] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA sda: sda1 sda2 sda3 sda4 < sda5 sda6 sda7 sda8 > sd 0:1:0:0: [sda] Attached SCSI disk EXT4-fs (sda5): INFO: recovery required on readonly filesystem EXT4-fs (sda5): write access will be enabled during recovery EXT4-fs (sda5): orphan cleanup on readonly fs EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128070 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128092 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128051 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 129385 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128052 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128373 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128049 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128046 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128039 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128038 EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128014 EXT4-fs (sda5): 11 orphan inodes deleted EXT4-fs (sda5): recovery complete EXT4-fs (sda5): mounted filesystem with ordered data mode. Opts: dracut: Mounted root filesystem /dev/sda5 EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: EXT4-fs (sda8): mounted filesystem with ordered data mode. Opts: EXT4-fs (sda6): mounted filesystem with ordered data mode. Opts: EXT4-fs (sda2): mounted filesystem with ordered data mode. Opts: EXT4-fs (sda3): mounted filesystem with ordered data mode. Opts: Adding 4095992k swap on /dev/sda7. Priority:-1 extents:1 across:4095992k
注解 ‘sda’表示第一块 SATA硬盘,‘sdb’表示第二块SATA硬盘。若想查看IDE硬盘搜索‘hda’或‘hdb’关键词。
3. 只输出dmesg命令的前20行日志
在‘dmesg’命令后跟随‘head’命令来显示开始几行,‘dmesg | head -20′命令将显示开始的前20行
[root@cdncenter ~]# dmesg |head -20 [ 0.000000] Initializing cgroup subsys cpuset [ 0.000000] Initializing cgroup subsys cpu [ 0.000000] Initializing cgroup subsys cpuacct [ 0.000000] Linux version 3.10.0-693.2.2.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Sep 12 22:26:13 UTC 2017 [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.2.2.el7.x86_64 root=UUID=eb448abb-3012-4d8d-bcde-94434d586a31 ro crashkernel=auto net.ifnames=0 console=tty0 console=ttyS0,115200n8 [ 0.000000] e820: BIOS-provided physical RAM map: [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdffff] usable [ 0.000000] BIOS-e820: [mem 0x00000000bffe0000-0x00000000bfffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved [ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000043fffffff] usable [ 0.000000] NX (Execute Disable) protection: active [ 0.000000] SMBIOS 2.8 present. [ 0.000000] DMI: Alibaba Cloud Alibaba Cloud ECS, BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014 [ 0.000000] Hypervisor detected: KVM [ 0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved [ 0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
4. 只输出dmesg命令最后20行日志
在‘dmesg’命令后跟随‘tail’命令(‘ dmesg | tail -fn20’)来输出‘dmesg’命令的最后20行日志,当你插入可移动设备时它是非常有用的。
[root@cdncenter ~]# dmesg |tail -fn 20 [ 2.314442] systemd[1]: RTC configured in localtime, applying delta of 480 minutes to system time. [ 2.356464] ip_tables: (C) 2000-2006 Netfilter Core Team [ 2.357910] systemd[1]: Inserted module 'ip_tables' [ 2.738351] EXT4-fs (vda1): re-mounted. Opts: (null) [ 2.764522] systemd-journald[351]: Received request to flush runtime journal from PID 1 [ 2.959266] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0 [ 2.961623] input: PC Speaker as /devices/platform/pcspkr/input/input5 [ 2.997176] ppdev: user-space parallel port driver [ 3.042041] AES CTR mode by8 optimization enabled [ 3.046874] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni) [ 3.055487] alg: No test for crc32 (crc32-pclmul) [ 3.067561] EDAC MC: Ver: 3.0.0 [ 3.099789] type=1305 audit(1532936276.320:3): audit_pid=466 old=0 auid=4294967295 ses=4294967295 res=1 [ 25.780005] random: crng init done [ 143.596270] vdb: vdb1 [ 235.262057] EXT4-fs (vdb1): mounting ext3 file system using the ext4 subsystem [ 235.266667] EXT4-fs (vdb1): mounted filesystem with ordered data mode. Opts: (null) [ 7739.681829] nf_conntrack version 0.5.0 (65536 buckets, 262144 max) [ 7796.760635] ip_tables: (C) 2000-2006 Netfilter Core Team [ 7796.772093] nf_conntrack version 0.5.0 (65536 buckets, 262144 max)
由于‘dmesg’命令的输出实在太长了,在其中搜索某个特定的字符串是非常困难的。因此,有必要过滤出一些包含‘usb’ ‘dma’ ‘tty’ ‘memory’等字符串的日志行。grep 命令 的‘-i’选项表示忽略大小写
[root@cdncenter ~]# dmesg | grep -i memory [ 0.000000] Base memory trampoline at [ffff880000099000] 99000 size 24576 [ 0.000000] Reserving 161MB of memory at 688MB for crashkernel (System RAM: 16383MB) [ 0.000000] Early memory node ranges [ 0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff] [ 0.000000] PM: Registered nosave memory: [mem 0x000a0000-0x000effff] [ 0.000000] PM: Registered nosave memory: [mem 0x000f0000-0x000fffff] [ 0.000000] PM: Registered nosave memory: [mem 0xbffe0000-0xbfffffff] [ 0.000000] PM: Registered nosave memory: [mem 0xc0000000-0xfeffbfff] [ 0.000000] PM: Registered nosave memory: [mem 0xfeffc000-0xfeffffff] [ 0.000000] PM: Registered nosave memory: [mem 0xff000000-0xfffbffff] [ 0.000000] PM: Registered nosave memory: [mem 0xfffc0000-0xffffffff] [ 0.000000] Memory: 4978256k/17825792k available (6886k kernel code, 1049096k absent, 528008k reserved, 4545k data, 1764k init) [ 0.000000] please try 'cgroup_disable=memory' option if you don't want memory cgroups [ 0.438460] Initializing cgroup subsys memory [ 1.113298] Freeing initrd memory: 17248k freed [ 1.204199] Non-volatile memory driver v1.3 [ 1.206865] crash memory driver: version 1.1 [ 1.308053] Freeing unused kernel memory: 1764k freed [ 1.614633] [TTM] Zone kernel: Available graphics memory: 8133862 kiB [ 1.614633] [TTM] Zone dma32: Available graphics memory: 2097152 kiB
7. 实时监控dmesg日志输出
[root@cdncenter ~]# tail -f /var/log/dmesg [ 2.738351] EXT4-fs (vda1): re-mounted. Opts: (null) [ 2.764522] systemd-journald[351]: Received request to flush runtime journal from PID 1 [ 2.959266] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0 [ 2.961623] input: PC Speaker as /devices/platform/pcspkr/input/input5 [ 2.997176] ppdev: user-space parallel port driver [ 3.042041] AES CTR mode by8 optimization enabled [ 3.046874] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni) [ 3.055487] alg: No test for crc32 (crc32-pclmul) [ 3.067561] EDAC MC: Ver: 3.0.0 [ 3.099789] type=1305 audit(1532936276.320:3): audit_pid=466 old=0 auid=4294967295 ses=4294967295 res=1
查看存储在‘/var/log/dmesg’文件中的日志
查看dmesg中的时间
通过dmesg列出的事件时间不易理解,例如:
[19078.666869] EXT4-fs (sdl): warning: maximal mount count reached, running e2fsck is recommended [19078.723154] EXT4-fs (sdm): warning: maximal mount count reached, running e2fsck is recommended [19078.913409] EXT4-fs (sdh): warning: maximal mount count reached, running e2fsck is recommended [69740.690129] Bridge firewalling registered
通过下面命令转换成可读时间:
[root@buffer236017 src]# date -d "1970-01-01 UTC `echo "$(date +%s)-$(cat /proc/uptime|cut -f 1 -d' ')+69740.690129"|bc `seconds" Fri Aug 15 11:41:35 CST 2014 [root@buffer236017 src]#
Linux dmesg输出没有时间列
网上查了半天,发现是系统自带的版本太低,dmesg命令不支时间参数,如果需要输出时间字段,需要重新编译内核,设置下面参数:CONFIG_PRINTK_TIME=y
还有一种变通的方法,利用rsyslog,将kernel日志输出到文件中,修改/etc/[r]syslog.conf,添加如下配置:
kern.* /var/log/kern.log
重启rsyslog守护进程即可,后续可以在 /var/log/kern.log中查看 kernel日志信息。