dmesg 可以查看linux 内核信息

dmesg’命令设备故障的诊断是非常重要的。在‘dmesg’命令的帮助下进行硬件的连接或断开连接操作时,我们可以看到硬件的检测或者断开连接的信息。‘dmesg’命令在多数基于LinuxUnix的操作系统中都可以使用。

 

 

1. 列出加载到内核中的所有驱动

我们可以使用如‘more’。 ‘tail’, ‘less ’或者‘grep’文字处理工具来处理‘dmesg’命令的输出。由于dmesg日志的输出不适合在一页中完全显示,因此我们使用管道(pipe)将其输出送到more或者less命令单页显示。

 

root@cdncenter ~]# dmesg |more
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Initializing cgroup subsys cpuacct
[    0.000000] Linux version 3.10.0-693.2.2.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623
 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Sep 12 22:26:13 UTC 2017
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.2.2.el7.x86_64 root=UUID=eb448abb-3012-4d8d-bcde-94
434d586a31 ro crashkernel=auto net.ifnames=0 console=tty0 console=ttyS0,115200n8
[    0.000000] e820: BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdffff] usable
[    0.000000] BIOS-e820: [mem 0x00000000bffe0000-0x00000000bfffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000043fffffff] usable
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] SMBIOS 2.8 present.
[    0.000000] DMI: Alibaba Cloud Alibaba Cloud ECS, BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014
[    0.000000] Hypervisor detected: KVM
[    0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[    0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
[    0.000000] e820: last_pfn = 0x440000 max_arch_pfn = 0x400000000
[    0.000000] MTRR default type: write-back
[    0.000000] MTRR fixed ranges enabled:
[    0.000000]   00000-9FFFF write-back
[    0.000000]   A0000-BFFFF uncachable
[    0.000000]   C0000-FFFFF write-protect
[    0.000000] MTRR variable ranges enabled:
[    0.000000]   0 base 0000C0000000 mask 3FFFC0000000 uncachable
[    0.000000]   1 disabled
[    0.000000]   2 disabled
[    0.000000]   3 disabled
[    0.000000]   4 disabled
[    0.000000]   5 disabled
[    0.000000]   6 disabled
[    0.000000]   7 disabled
[    0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
[    0.000000] e820: last_pfn = 0xbffe0 max_arch_pfn = 0x400000000
[    0.000000] found SMP MP-table at [mem 0x000f0e80-0x000f0e8f] mapped at [ffff8800000f0e80]
[    0.000000] Base memory trampoline at [ffff880000099000] 99000 size 24576
[    0.000000] Using GB pages for direct mapping
[    0.000000] BRK [0x01fe9000, 0x01fe9fff] PGTABLE
[    0.000000] BRK [0x01fea000, 0x01feafff] PGTABLE
[    0.000000] BRK [0x01feb000, 0x01febfff] PGTABLE
[    0.000000] RAMDISK: [mem 0x35e41000-0x36f18fff]
--More--

 

dmesg | less

 

 

2. 列出所有被检测到的硬件

要显示所有被内核检测到的硬盘设备,你可以使用‘grep’命令搜索‘sda’关键词,如下

dmesg |grep sda
sd 0:1:0:0: [sda] 584843264 512-byte logical blocks: (299 GB/278 GiB)
sd 0:1:0:0: [sda] Write Protect is off
sd 0:1:0:0: [sda] Mode Sense: 03 00 00 08
sd 0:1:0:0: [sda] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
 sda: sda1 sda2 sda3 sda4 < sda5 sda6 sda7 sda8 >
sd 0:1:0:0: [sda] Attached SCSI disk
EXT4-fs (sda5): INFO: recovery required on readonly filesystem
EXT4-fs (sda5): write access will be enabled during recovery
EXT4-fs (sda5): orphan cleanup on readonly fs
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128070
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128092
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128051
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 129385
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128052
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128373
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128049
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128046
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128039
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128038
EXT4-fs (sda5): ext4_orphan_cleanup: deleting unreferenced inode 128014
EXT4-fs (sda5): 11 orphan inodes deleted
EXT4-fs (sda5): recovery complete
EXT4-fs (sda5): mounted filesystem with ordered data mode. Opts: 
dracut: Mounted root filesystem /dev/sda5
EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: 
EXT4-fs (sda8): mounted filesystem with ordered data mode. Opts: 
EXT4-fs (sda6): mounted filesystem with ordered data mode. Opts: 
EXT4-fs (sda2): mounted filesystem with ordered data mode. Opts: 
EXT4-fs (sda3): mounted filesystem with ordered data mode. Opts: 
Adding 4095992k swap on /dev/sda7.  Priority:-1 extents:1 across:4095992k

 

注解 ‘sda’表示第一块 SATA硬盘,‘sdb’表示第二块SATA硬盘。若想查看IDE硬盘搜索‘hda’或‘hdb’关键词。

 

3. 只输出dmesg命令的前20行日志

在‘dmesg’命令后跟随‘head’命令来显示开始几行,‘dmesg | head -20′命令将显示开始的前20行

 

[root@cdncenter ~]# dmesg |head -20
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Initializing cgroup subsys cpuacct
[    0.000000] Linux version 3.10.0-693.2.2.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Sep 12 22:26:13 UTC 2017
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.2.2.el7.x86_64 root=UUID=eb448abb-3012-4d8d-bcde-94434d586a31 ro crashkernel=auto net.ifnames=0 console=tty0 console=ttyS0,115200n8
[    0.000000] e820: BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdffff] usable
[    0.000000] BIOS-e820: [mem 0x00000000bffe0000-0x00000000bfffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000043fffffff] usable
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] SMBIOS 2.8 present.
[    0.000000] DMI: Alibaba Cloud Alibaba Cloud ECS, BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014
[    0.000000] Hypervisor detected: KVM
[    0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[    0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable

 

4. 只输出dmesg命令最后20行日志

在‘dmesg’命令后跟随‘tail’命令(‘ dmesg | tail -fn20’)来输出‘dmesg’命令的最后20行日志,当你插入可移动设备时它是非常有用的。

 

 

[root@cdncenter ~]# dmesg |tail -fn 20
[    2.314442] systemd[1]: RTC configured in localtime, applying delta of 480 minutes to system time.
[    2.356464] ip_tables: (C) 2000-2006 Netfilter Core Team
[    2.357910] systemd[1]: Inserted module 'ip_tables'
[    2.738351] EXT4-fs (vda1): re-mounted. Opts: (null)
[    2.764522] systemd-journald[351]: Received request to flush runtime journal from PID 1
[    2.959266] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[    2.961623] input: PC Speaker as /devices/platform/pcspkr/input/input5
[    2.997176] ppdev: user-space parallel port driver
[    3.042041] AES CTR mode by8 optimization enabled
[    3.046874] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)
[    3.055487] alg: No test for crc32 (crc32-pclmul)
[    3.067561] EDAC MC: Ver: 3.0.0
[    3.099789] type=1305 audit(1532936276.320:3): audit_pid=466 old=0 auid=4294967295 ses=4294967295 res=1
[   25.780005] random: crng init done
[  143.596270]  vdb: vdb1
[  235.262057] EXT4-fs (vdb1): mounting ext3 file system using the ext4 subsystem
[  235.266667] EXT4-fs (vdb1): mounted filesystem with ordered data mode. Opts: (null)
[ 7739.681829] nf_conntrack version 0.5.0 (65536 buckets, 262144 max)
[ 7796.760635] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 7796.772093] nf_conntrack version 0.5.0 (65536 buckets, 262144 max)

 

 

 

由于‘dmesg’命令的输出实在太长了,在其中搜索某个特定的字符串是非常困难的。因此,有必要过滤出一些包含‘usb’ ‘dma’ ‘tty’ ‘memory’等字符串的日志行。grep 命令 的‘-i’选项表示忽略大小写

[root@cdncenter ~]# dmesg | grep -i memory
[    0.000000] Base memory trampoline at [ffff880000099000] 99000 size 24576
[    0.000000] Reserving 161MB of memory at 688MB for crashkernel (System RAM: 16383MB)
[    0.000000] Early memory node ranges
[    0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[    0.000000] PM: Registered nosave memory: [mem 0x000a0000-0x000effff]
[    0.000000] PM: Registered nosave memory: [mem 0x000f0000-0x000fffff]
[    0.000000] PM: Registered nosave memory: [mem 0xbffe0000-0xbfffffff]
[    0.000000] PM: Registered nosave memory: [mem 0xc0000000-0xfeffbfff]
[    0.000000] PM: Registered nosave memory: [mem 0xfeffc000-0xfeffffff]
[    0.000000] PM: Registered nosave memory: [mem 0xff000000-0xfffbffff]
[    0.000000] PM: Registered nosave memory: [mem 0xfffc0000-0xffffffff]
[    0.000000] Memory: 4978256k/17825792k available (6886k kernel code, 1049096k absent, 528008k reserved, 4545k data, 1764k init)
[    0.000000] please try 'cgroup_disable=memory' option if you don't want memory cgroups
[    0.438460] Initializing cgroup subsys memory
[    1.113298] Freeing initrd memory: 17248k freed
[    1.204199] Non-volatile memory driver v1.3
[    1.206865] crash memory driver: version 1.1
[    1.308053] Freeing unused kernel memory: 1764k freed
[    1.614633] [TTM] Zone  kernel: Available graphics memory: 8133862 kiB
[    1.614633] [TTM] Zone   dma32: Available graphics memory: 2097152 kiB

 

7. 实时监控dmesg日志输出

[root@cdncenter ~]# tail -f /var/log/dmesg
[    2.738351] EXT4-fs (vda1): re-mounted. Opts: (null)
[    2.764522] systemd-journald[351]: Received request to flush runtime journal from PID 1
[    2.959266] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[    2.961623] input: PC Speaker as /devices/platform/pcspkr/input/input5
[    2.997176] ppdev: user-space parallel port driver
[    3.042041] AES CTR mode by8 optimization enabled
[    3.046874] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)
[    3.055487] alg: No test for crc32 (crc32-pclmul)
[    3.067561] EDAC MC: Ver: 3.0.0
[    3.099789] type=1305 audit(1532936276.320:3): audit_pid=466 old=0 auid=4294967295 ses=4294967295 res=1

 

查看存储在‘/var/log/dmesg’文件中的日志

 

 

查看dmesg中的时间

通过dmesg列出的事件时间不易理解,例如:

[19078.666869] EXT4-fs (sdl): warning: maximal mount count reached, running e2fsck is recommended
[19078.723154] EXT4-fs (sdm): warning: maximal mount count reached, running e2fsck is recommended
[19078.913409] EXT4-fs (sdh): warning: maximal mount count reached, running e2fsck is recommended
[69740.690129] Bridge firewalling registered

 

通过下面命令转换成可读时间:

[root@buffer236017 src]# date -d "1970-01-01 UTC `echo "$(date +%s)-$(cat /proc/uptime|cut -f 1 -d' ')+69740.690129"|bc `seconds"
Fri Aug 15 11:41:35 CST 2014
[root@buffer236017 src]#

 

Linux dmesg输出没有时间列

网上查了半天,发现是系统自带的版本太低,dmesg命令不支时间参数,如果需要输出时间字段,需要重新编译内核,设置下面参数:CONFIG_PRINTK_TIME=y 

还有一种变通的方法,利用rsyslog,将kernel日志输出到文件中,修改/etc/[r]syslog.conf,添加如下配置:
kern.*                                                  /var/log/kern.log

重启rsyslog守护进程即可,后续可以在 /var/log/kern.log中查看 kernel日志信息。