dmesg 可以查看linux 内核信息
dmesg’命令设备故障的诊断是非常重要的。在‘dmesg’命令的帮助下进行硬件的连接或断开连接操作时,我们可以看到硬件的检测或者断开连接的信息。‘dmesg’命令在多数基于Linux和Unix的操作系统中都可以使用。
1. 列出加载到内核中的所有驱动
我们可以使用如‘more’。 ‘tail’, ‘less ’或者‘grep’文字处理工具来处理‘dmesg’命令的输出。由于dmesg日志的输出不适合在一页中完全显示,因此我们使用管道(pipe)将其输出送到more或者less命令单页显示。
root@cdncenter ~]# dmesg |more
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 3.10.0-693.2.2.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623
(Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Sep 12 22:26:13 UTC 2017
[ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.2.2.el7.x86_64 root=UUID=eb448abb-3012-4d8d-bcde-94
434d586a31 ro crashkernel=auto net.ifnames=0 console=tty0 console=ttyS0,115200n8
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdffff] usable
[ 0.000000] BIOS-e820: [mem 0x00000000bffe0000-0x00000000bfffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000043fffffff] usable
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 2.8 present.
[ 0.000000] DMI: Alibaba Cloud Alibaba Cloud ECS, BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014
[ 0.000000] Hypervisor detected: KVM
[ 0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[ 0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
[ 0.000000] e820: last_pfn = 0x440000 max_arch_pfn = 0x400000000
[ 0.000000] MTRR default type: write-back
[ 0.000000] MTRR fixed ranges enabled:
[ 0.000000] 00000-9FFFF write-back
[ 0.000000] A0000-BFFFF uncachable
[ 0.000000] C0000-FFFFF write-protect
[ 0.000000] MTRR variable ranges enabled:
[ 0.000000] 0 base 0000C0000000 mask 3FFFC0000000 uncachable
[ 0.000000] 1 disabled
[ 0.000000] 2 disabled
[ 0.000000] 3 disabled
[ 0.000000] 4 disabled
[ 0.000000] 5 disabled
[ 0.000000] 6 disabled
[ 0.000000] 7 disabled
[ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
[ 0.000000] e820: last_pfn = 0xbffe0 max_arch_pfn = 0x400000000
[ 0.000000] found SMP MP-table at [mem 0x000f0e80-0x000f0e8f] mapped at [ffff8800000f0e80]
[ 0.000000] Base memory trampoline at [ffff880000099000] 99000 size 24576
[ 0.000000] Using GB pages for direct mapping
[ 0.000000] BRK [0x01fe9000, 0x01fe9fff] PGTABLE
[ 0.000000] BRK [0x01fea000, 0x01feafff] PGTABLE
[ 0.000000] BRK [0x01feb000, 0x01febfff] PGTABLE
[ 0.000000] RAMDISK: [mem 0x35e41000-0x36f18fff]
--More--
dmesg | less
2. 列出所有被检测到的硬件
要显示所有被内核检测到的硬盘设备,你可以使用‘grep’命令搜索‘sda’关键词,如下
dmesg |grep sda
sd 0:1:0:0: [sda] 584843264 512-byte logical blocks: (299 GB/278 GiB)
sd 0:1:0:0: [sda] Write Protect is off
sd 0:1:0:0: [sda] Mode Sense: 03 00 00 08
sd 0:1:0:0: [sda] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
sda: sda1 sda2 sda3 sda4 < sda5 sda6 sda7 sda8 >
sd 0:1:0:0: [sda] Attached SCSI disk
EXT4-fs (sda5): INFO: recovery required on readonly filesystem
EXT4-fs (sda5): write access will be enabled during recovery
EXT4-fs (sda5): orphan cleanup on readonly fs
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128070
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128092
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128051
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 129385
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128052
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128373
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128049
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128046
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128039
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128038
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128014
EXT4-fs (sda5): 11 orphan inodes deleted
EXT4-fs (sda5): recovery complete
EXT4-fs (sda5): mounted filesystem with ordered data mode. Opts:
dracut: Mounted root filesystem /dev/sda5
EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts:
EXT4-fs (sda8): mounted filesystem with ordered data mode. Opts:
EXT4-fs (sda6): mounted filesystem with ordered data mode. Opts:
EXT4-fs (sda2): mounted filesystem with ordered data mode. Opts:
EXT4-fs (sda3): mounted filesystem with ordered data mode. Opts:
Adding 4095992k swap on /dev/sda7. Priority:-1 extents:1 across:4095992k
注解 ‘sda’表示第一块 SATA硬盘,‘sdb’表示第二块SATA硬盘。若想查看IDE硬盘搜索‘hda’或‘hdb’关键词。
3. 只输出dmesg命令的前20行日志
在‘dmesg’命令后跟随‘head’命令来显示开始几行,‘dmesg | head -20′命令将显示开始的前20行
[root@cdncenter ~]# dmesg |head -20
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 3.10.0-693.2.2.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Sep 12 22:26:13 UTC 2017
[ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.2.2.el7.x86_64 root=UUID=eb448abb-3012-4d8d-bcde-94434d586a31 ro crashkernel=auto net.ifnames=0 console=tty0 console=ttyS0,115200n8
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdffff] usable
[ 0.000000] BIOS-e820: [mem 0x00000000bffe0000-0x00000000bfffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000043fffffff] usable
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 2.8 present.
[ 0.000000] DMI: Alibaba Cloud Alibaba Cloud ECS, BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014
[ 0.000000] Hypervisor detected: KVM
[ 0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[ 0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
4. 只输出dmesg命令最后20行日志
在‘dmesg’命令后跟随‘tail’命令(‘ dmesg | tail -fn20’)来输出‘dmesg’命令的最后20行日志,当你插入可移动设备时它是非常有用的。
[root@cdncenter ~]# dmesg |tail -fn 20
[ 2.314442] systemd[1]: RTC configured in localtime, applying delta of 480 minutes to system time.
[ 2.356464] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 2.357910] systemd[1]: Inserted module 'ip_tables'
[ 2.738351] EXT4-fs (vda1): re-mounted. Opts: (null)
[ 2.764522] systemd-journald[351]: Received request to flush runtime journal from PID 1
[ 2.959266] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[ 2.961623] input: PC Speaker as /devices/platform/pcspkr/input/input5
[ 2.997176] ppdev: user-space parallel port driver
[ 3.042041] AES CTR mode by8 optimization enabled
[ 3.046874] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)
[ 3.055487] alg: No test for crc32 (crc32-pclmul)
[ 3.067561] EDAC MC: Ver: 3.0.0
[ 3.099789] type=1305 audit(1532936276.320:3): audit_pid=466 old=0 auid=4294967295 ses=4294967295 res=1
[ 25.780005] random: crng init done
[ 143.596270] vdb: vdb1
[ 235.262057] EXT4-fs (vdb1): mounting ext3 file system using the ext4 subsystem
[ 235.266667] EXT4-fs (vdb1): mounted filesystem with ordered data mode. Opts: (null)
[ 7739.681829] nf_conntrack version 0.5.0 (65536 buckets, 262144 max)
[ 7796.760635] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 7796.772093] nf_conntrack version 0.5.0 (65536 buckets, 262144 max)
由于‘dmesg’命令的输出实在太长了,在其中搜索某个特定的字符串是非常困难的。因此,有必要过滤出一些包含‘usb’ ‘dma’ ‘tty’ ‘memory’等字符串的日志行。grep 命令 的‘-i’选项表示忽略大小写
[root@cdncenter ~]# dmesg | grep -i memory
[ 0.000000] Base memory trampoline at [ffff880000099000] 99000 size 24576
[ 0.000000] Reserving 161MB of memory at 688MB for crashkernel (System RAM: 16383MB)
[ 0.000000] Early memory node ranges
[ 0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[ 0.000000] PM: Registered nosave memory: [mem 0x000a0000-0x000effff]
[ 0.000000] PM: Registered nosave memory: [mem 0x000f0000-0x000fffff]
[ 0.000000] PM: Registered nosave memory: [mem 0xbffe0000-0xbfffffff]
[ 0.000000] PM: Registered nosave memory: [mem 0xc0000000-0xfeffbfff]
[ 0.000000] PM: Registered nosave memory: [mem 0xfeffc000-0xfeffffff]
[ 0.000000] PM: Registered nosave memory: [mem 0xff000000-0xfffbffff]
[ 0.000000] PM: Registered nosave memory: [mem 0xfffc0000-0xffffffff]
[ 0.000000] Memory: 4978256k/17825792k available (6886k kernel code, 1049096k absent, 528008k reserved, 4545k data, 1764k init)
[ 0.000000] please try 'cgroup_disable=memory' option if you don't want memory cgroups
[ 0.438460] Initializing cgroup subsys memory
[ 1.113298] Freeing initrd memory: 17248k freed
[ 1.204199] Non-volatile memory driver v1.3
[ 1.206865] crash memory driver: version 1.1
[ 1.308053] Freeing unused kernel memory: 1764k freed
[ 1.614633] [TTM] Zone kernel: Available graphics memory: 8133862 kiB
[ 1.614633] [TTM] Zone dma32: Available graphics memory: 2097152 kiB
7. 实时监控dmesg日志输出
[root@cdncenter ~]# tail -f /var/log/dmesg
[ 2.738351] EXT4-fs (vda1): re-mounted. Opts: (null)
[ 2.764522] systemd-journald[351]: Received request to flush runtime journal from PID 1
[ 2.959266] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[ 2.961623] input: PC Speaker as /devices/platform/pcspkr/input/input5
[ 2.997176] ppdev: user-space parallel port driver
[ 3.042041] AES CTR mode by8 optimization enabled
[ 3.046874] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)
[ 3.055487] alg: No test for crc32 (crc32-pclmul)
[ 3.067561] EDAC MC: Ver: 3.0.0
[ 3.099789] type=1305 audit(1532936276.320:3): audit_pid=466 old=0 auid=4294967295 ses=4294967295 res=1
查看存储在‘/var/log/dmesg’文件中的日志
查看dmesg中的时间
通过dmesg列出的事件时间不易理解,例如:
[19078.666869] EXT4-fs (sdl): warning: maximal mount count reached, running e2fsck is recommended
[19078.723154] EXT4-fs (sdm): warning: maximal mount count reached, running e2fsck is recommended
[19078.913409] EXT4-fs (sdh): warning: maximal mount count reached, running e2fsck is recommended
[69740.690129] Bridge firewalling registered
通过下面命令转换成可读时间:
[root@buffer236017 src]# date -d "1970-01-01 UTC `echo "$(date +%s)-$(cat /proc/uptime|cut -f 1 -d' ')+69740.690129"|bc `seconds"
Fri Aug 15 11:41:35 CST 2014
[root@buffer236017 src]#
Linux dmesg输出没有时间列
网上查了半天,发现是系统自带的版本太低,dmesg命令不支时间参数,如果需要输出时间字段,需要重新编译内核,设置下面参数:CONFIG_PRINTK_TIME=y
还有一种变通的方法,利用rsyslog,将kernel日志输出到文件中,修改/etc/[r]syslog.conf,添加如下配置:
kern.* /var/log/kern.log
重启rsyslog守护进程即可,后续可以在 /var/log/kern.log中查看 kernel日志信息。