I am modifying the kvm module and I have added printk statements in the kernel code.After running the virtual machine, printk gives me the faulting address and other information about the guest OS.

I need to generate the statistic from this info.When I use dmesg i can only see faulting address in the kernel space i.e their address are above 0XC0000000.(faulting address are needed when VMEXIT happens i.e we switch from guest to host mode)

When I see the same statistics in kern.log I also get faulting address from the user space(below 0XC0000000).So it seems to me like dmesg has limited capacity , and the info given is a subset from kern.log.

My kern.log file is too big is it ok to erase old data from kern.log because text processing commands like grep,join,awk are taking to too long to run on the file.

My question are:

What is the difference between dmesg and kern.log?

How to reduce the kern.log file size as cron job?(erase all data added in past 24 hours)

Is there any better way to get printf kindof functionality from kernel?

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Answer

​/var/log/kern.log​​​ and his rotated logs (/var/log/kern.log.1 /var/log/kern.log.2....) contains the logs produced by the kernel and handled by ​​​syslog​​.

​dmesg​​ as explained by the man page is for :


dmesg is used to examine or control the kernel ring buffer.


In fact, it will display the last 16392 octets of /var/log/kern.log since last boot.