100 Unix log check commands that can be useful for monitoring and troubleshooting

In Linux/Unix, a log is a record of events or messages that are generated by the system, applications, or services. It is stored in files usually located in the /var/log directory, and it provides an important source of information for system administrators and users to diagnose and troubleshoot issues on the system.

Logs can be categorized into different types, such as system logs, application logs, security logs, and audit logs. System logs include messages related to the kernel, hardware, and system services, while application logs contain information about specific software applications. Log files are typically plain text files and can be viewed using text editors or command-line utilities such as "tail" or "grep". System administrators often use log files to monitor system activity and identify potential issues or security breaches. They can also configure log rotation to manage the size and retention of log files over time.
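As an added example (not part of the original page), the following shell functions show the kind of grep-based check described above: they count failed SSH password attempts per source address in auth.log-format lines. The log lines, host name and addresses are constructed sample data, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in the sshd auth.log line format (documentation IP ranges).
sample_auth_log() {
cat <<'EOF'
Mar 10 08:01:12 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar 10 08:01:15 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 51124 ssh2
Mar 10 08:01:19 web01 sshd[2215]: Failed password for invalid user admin from 203.0.113.7 port 51130 ssh2
Mar 10 08:02:40 web01 sshd[2230]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2
Mar 10 08:03:02 web01 sshd[2241]: Failed password for invalid user from from 192.0.2.55 port 60100 ssh2
Mar 10 08:05:00 web01 CRON[2250]: pam_unix(cron:session): session opened for user root by (uid=0)
EOF
}

# failed_ssh_by_ip: read log lines on stdin, print "count ip" pairs,
# highest count first.
# The user name in these lines is supplied by the client, so the address is
# taken by position from the END of the line ("<ip> port <n> ssh2") instead
# of searching for the first "from" token.
failed_ssh_by_ip() {
    grep 'sshd\[[0-9]*\]: Failed password' |
    awk 'NF >= 4 && $(NF-2) == "port" { print $(NF-3) }' |
    sort | uniq -c | sort -rn |
    awk '{ print $1, $2 }'      # strip the padding uniq -c adds
}

# noisy_sources THRESHOLD: print only addresses with at least THRESHOLD failures.
noisy_sources() {
    failed_ssh_by_ip | awk -v t="$1" '$1 >= t { print $2 }'
}

# Demo run on the constructed sample.
sample_auth_log | failed_ssh_by_ip
```

To run it against a real file, redirect the file into the function, for example `failed_ssh_by_ip < /var/log/auth.log` (or `/var/log/secure` on systems that use that file).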

Here are 100 Unix log check commands that can be useful for monitoring and troubleshooting various aspects of a Unix system:

1. tail -f /var/log/messages : Follow the system log file in real-time to monitor system events.

2. tail -f /var/log/auth.log : Follow the authentication log file to monitor login attempts and other authentication-related events.

3. tail -f /var/log/secure : Follow the secure log file to monitor authentication-related events on systems using the secure log format.

4. tail -f /var/log/syslog : Follow the syslog file to monitor system-wide events.

5. tail -f /var/log/dmesg : Follow the kernel log file to monitor kernel-level events.

6. tail -f /var/log/mail.log : Follow the mail log file to monitor mail-related events.

7. tail -f /var/log/httpd/error_log : Follow the Apache error log file to monitor errors related to the Apache web server.

8. tail -f /var/log/httpd/access_log : Follow the Apache access log file to monitor requests to the Apache web server.

9. tail -f /var/log/nginx/error.log : Follow the Nginx error log file to monitor errors related to the Nginx web server.

10. tail -f /var/log/nginx/access.log : Follow the Nginx access log file to monitor requests to the Nginx web server.

11. tail -f /var/log/mysql/error.log : Follow the MySQL error log file to monitor errors related to the MySQL database server.

12. tail -f /var/log/mysql/mysql.log : Follow the MySQL general log file to monitor general MySQL activity.

13. tail -f /var/log/mysql/slow-query.log : Follow the MySQL slow query log file to monitor slow-running MySQL queries.

14. tail -f /var/log/redis/redis-server.log : Follow the Redis log file to monitor Redis server activity.

15. tail -f /var/log/postgresql/postgresql.log : Follow the PostgreSQL log file to monitor PostgreSQL server activity.

16. tail -f /var/log/auth.log | grep ssh : Follow the authentication log file and filter for SSH-related events.

17. tail -f /var/log/syslog | grep cron : Follow the system log file and filter for cron-related events.

18. tail -f /var/log/httpd/error_log | grep 404 : Follow the Apache error log file and filter for 404 errors.

19. tail -f /var/log/nginx/error.log | grep 404 : Follow the Nginx error log file and filter for 404 errors.

20. tail -f /var/log/mysql/error.log | grep ERROR : Follow the MySQL error log file and filter for errors.

21. journalctl : Display the systemd journal to view system events and logs.

22. journalctl -u service-name.service : Display the systemd journal for a specific service.

23. journalctl -f : Follow the systemd journal in real-time.

24. dmesg : Display kernel messages.

25. last : Display a list of the most recently logged-in users.

26. last -x : Display a list of the most recently logged-in users and system shutdown/reboot times.

27. lastb : Display a list of failed login attempts.

28. who : Display a list of currently logged-in users.

29. ps -ef : Display a list of running processes.

30. top : Display real-time system resource usage.

31. netstat -an : Display network connections and their status.

32. tcpdump : Capture and analyze network traffic.

33. ifconfig : Display network interface configuration.

34. ping : Test network connectivity.

35. traceroute : Trace the route packets take through a network.

36. dig : Query DNS servers for information.

37. nslookup : Query DNS servers for information.

38. host : Query DNS servers for information.

39. lsof : Display a list of open files and processes using them.

40. ps auxf : Display a tree-like process hierarchy.

41. lsblk : Display block devices.

42. df -h : Display disk space usage.

43. du -h : Display directory size.

44. find /path/to/directory -name "filename" : Find files matching a specific name in a directory.

45. grep "search_term" /path/to/file : Search for a specific term in a file.

46. grep -R "search_term" /path/to/directory : Search for a specific term in a directory and its subdirectories.

47. tail /path/to/file : Display the last 10 lines of a file.

48. tail -n number_of_lines /path/to/file : Display the last n lines of a file.

49. head /path/to/file : Display the first 10 lines of a file.

50. head -n number_of_lines /path/to/file : Display the first n lines of a file.

51. cat /path/to/file : Display the contents of a file.

52. less /path/to/file : Display the contents of a file one page at a time.

53. diff /path/to/file1 /path/to/file2 : Display the differences between two files.

54. diff -r /path/to/directory1 /path/to/directory2 : Display the differences between two directories.

55. uptime : Display system uptime and load averages.

56. date : Display the current date and time.

57. cal : Display a calendar.

58. w : Display a list of logged-in users and their processes.

59. whoami : Display the current user.

60. id : Display user and group information.

61. groups : Display the groups a user belongs to.

62. pwd : Display the current working directory.

63. cd : Change the current working directory.

64. ls : Display directory contents.

65. mkdir : Create a new directory.

66. rmdir : Remove a directory.

67. touch : Create a new file or update the access and modification times of an existing file.

68. cp : Copy files or directories.

69. mv : Move or rename files or directories.

70. rm : Remove files or directories.

71. chmod : Change file or directory permissions.

72. chown : Change file or directory ownership.

73. tar : Create or extract tar archives.

74. gzip : Compress or decompress files using the gzip format.

75. gunzip : Decompress files compressed using the gzip format.

76. zip : Create or extract zip archives.

77. unzip : Extract files from zip archives.

78. ssh : Connect to a remote system over SSH.

79. scp : Copy files between systems over SSH.

80. rsync : Synchronize files and directories between systems.

81. crontab : Edit or view the user's cron jobs.

82. at : Schedule a one-time command or script to run at a specific time.

83. systemctl : Control the systemd system and service manager.

84. service : Control system services.

85. chkconfig : Manage system services and runlevels.

86. ifup : Bring a network interface up.

87. ifdown : Bring a network interface down.

88. route : Display or modify the system routing table.

89. ip : Display or modify network interface configuration.

90. hostname : Display or set the system hostname.

91. uname : Display system information.

92. free : Display memory usage.

93. vmstat : Display virtual memory statistics.

94. iostat : Display input/output statistics.

95. sar : Collect and analyze system activity information.

96. top : Display system processes and resource usage.

97. htop : Interactive process viewer.

98. netstat : Display network connections and their status.

99. ss : Display socket statistics.

100. ping : Test network connectivity.

101. traceroute : Trace the route packets take to reach a network host.

102. dig : Query DNS servers for information.

103. openssl : Cryptography toolkit.

104. tcpdump : Capture and analyze network traffic.

105. ngrep : Network grep – grep for network traffic.

106. nmap : Network exploration and security auditing tool.

107. nc : Netcat – Swiss Army knife for TCP/IP.

108. telnet : Connect to a remote system over Telnet.

109. ftp : Transfer files over the File Transfer Protocol.

110. sftp : Secure file transfer over SSH.

111. curl : Transfer data from or to a server.

112. wget : Retrieve files from the web.

113. lynx : Text-based web browser.

114. screen : Terminal multiplexer.

115. tmux : Terminal multiplexer.

116. ssh-keygen : Generate SSH key pairs.

117. ssh-copy-id : Copy SSH public keys to a remote system.

118. scp : Copy files between systems over SSH.

119. rsync : Synchronize files and directories between systems.

120. git : Version control system.

121. svn : Version control system.

122. mercurial : Version control system.

123. docker : Containerization platform.

124. kubectl : Kubernetes command-line tool.

125. helm : Kubernetes package manager.

126. minikube : Run Kubernetes locally.

127. kubeadm : Bootstrap a Kubernetes cluster.

128. kops : Create, destroy, and manage Kubernetes clusters.

129. terraform : Infrastructure as code tool.

130. ansible : Configuration management tool.

131. chef : Configuration management tool.

132. puppet : Configuration management tool.

133. nagios : Monitoring system.

134. zabbix : Monitoring system.

135. graylog : Log management platform.

136. logrotate : Log rotation utility.

137. syslog : System logging facility.

138. rsyslog : System logging daemon.

139. systemd-journald : System logging daemon.

140. auditd : System audit daemon.

141. lsof : List open files and the processes that opened them.

142. strace : Trace system calls and signals.

143. ltrace : Trace library calls.

144. gdb : GNU Debugger – Debugging tool.

145. valgrind : Memory debugging and profiling tool.

146. perf : Performance analysis tool.

147. dstat : System resource statistics tool.

148. iostat : Input/output statistics tool.

149. sar : System activity reporter.

150. mpstat : Multi-processor statistics tool.

151. vmstat : Virtual memory statistics tool.

152. free : Display system memory usage.

153. ps : Display system processes.

154. pidof : Find the process ID of a running program.

155. kill : Send signals to running processes.

156. nohup : Run a command immune to hangups.

157. bg : Send a process to the background.

158. fg : Bring a process to the foreground.

159. jobs : Display jobs running in the background.

160. crontab : Schedule periodic tasks.

161. at : Schedule one-time tasks.

162. watch : Execute a command repeatedly and display the output.

163. time : Measure program execution time.

164. tar : Archive utility.

165. gzip : Compression utility.

166. bzip2 : Compression utility.

167. zip : Compression utility.

168. unzip : Decompression utility.

169. find : Search for files and directories.

170. locate : Search for files in a database.

171. updatedb : Update the locate database.

172. grep : Search for patterns in files.

173. sed : Stream editor – perform text transformations.

174. awk : Pattern scanning and processing language.

175. cut : Select specific columns or fields from a file.

176. paste : Merge lines of files.

177. sort : Sort lines of text.

178. uniq : Remove duplicate lines from a file.

179. diff : Compare files and directories.

180. patch : Apply changes to files.

181. tr : Translate characters.

182. cat : Concatenate files and display them.

183. tee : Copy standard input to standard output and files.

184. head : Display the first lines of a file.

185. tail : Display the last lines of a file.

186. wc : Count lines, words, and characters in a file.

187. du : Display disk usage information.

188. df : Display free disk space information.

189. mount : Mount a file system.

190. umount : Unmount a file system.

191. chown : Change file ownership.

192. chmod : Change file permissions.

193. chgrp : Change file group ownership.

194. useradd : Create a new user account.

195. usermod : Modify an existing user account.

196. passwd : Change a user’s password.

197. su : Switch to another user account.

198. sudo : Execute commands as another user.

199. visudo : Edit the sudo configuration file.

200. who : Display logged-in users.

201. whoami : Display the current username.

202. hostname : Display or set the system’s hostname.

203. ping : Test network connectivity.

204. traceroute : Trace the route taken by packets across a network.

205. netstat : Display network connections and statistics.

206. route : Display or modify the system’s routing table.

207. iptables : Manage firewall rules.

208. tcpdump : Capture and analyze network traffic.

209. nmap : Network exploration and security auditing tool.

210. ssh : Secure shell – remote login and command execution.

211. scp : Secure copy – copy files between hosts over a network.

212. rsync : Remote file synchronization and transfer tool.

213. curl : Command line tool for transferring data with URLs.

214. wget : Non-interactive network downloader.

215. lynx : Text-based web browser.

216. top : Display system processes in real-time.

217. htop : Interactive process viewer and system monitor.

218. ncdu : Interactive disk usage analyzer.

219. tree : Display directory structure in a tree-like format.

220. cal : Display a calendar.

221. date : Display or set the system date and time.

222. echo : Display text on the screen.

223. hostnamectl : Control the system hostname.

224. sysctl : Read or modify kernel parameters at runtime.

225. uname : Display system information.

226. ip : Display or modify network interface information.

227. ifconfig : Display or configure network interfaces.

228. route : Display or modify the system routing table.

229. iwconfig : Display or configure wireless network interfaces.

230. dmesg : Display kernel ring buffer messages.

231. lspci : Display information about PCI buses and devices.

232. lsusb : Display information about USB buses and devices.

233. fdisk : Partition table manipulator for Linux.

234. mkfs : Create a file system on a device.

235. mount : Mount a file system.

236. umount : Unmount a file system.

237. blkid : Display or find block device attributes.

238. fsck : File system consistency check and repair.

239. resize2fs : Resize ext2, ext3, or ext4 file systems.

240. tune2fs : Modify ext2, ext3, or ext4 file system parameters.

241. hddtemp : Monitor hard drive temperature.

242. sensors : Monitor system sensors (temperature, fan speed, etc.).

243. smartctl : Control and monitor SMART storage devices.

244. parted : Disk partitioning tool.

245. fdupes : Find and delete duplicate files.

246. hexdump : Display file contents in hexadecimal format.

247. od : Display file contents in octal or hexadecimal format.

248. xxd : Display or create a hex dump of a file.

249. fold : Wrap text to fit a specified width.

250. tee : Copy standard input to standard output and files.

251. nl : Add line numbers to a file.

252. join : Join lines of two files based on a common field.

253. comm : Compare two sorted files line by line.

254. cut : Select specific columns or fields from a file.

255. sort : Sort lines of text.

256. uniq : Remove duplicate lines from a file.

257. diff : Compare files and directories.