Ubuntu Guide For Windows Users: View Logs With System Log Viewer


ubuntulogo.jpgWith Windows Systems, viewing system, application, or security error and informational messages, the Event Viewer is the first place users look to find out what is going on under the hood. With Ubuntu, there are a number of different methods you can use to look through the logs to find similar information.

For the purpose of this guide and to help Windows users become familiar with Ubuntu, we'll look at two methods for viewing system and application related messages using a Terminal window and a graphical tool called System Log Viewer.

On Unix and Linux systems such as Ubuntu, the majority of System logs reside in the directory /var/log. The main logs are:

syslog – The primary system log that contains message log output from, daemons and other running programs such as cron, init, dhclient, and some kernel related messages. On Windows, this is similar to the System log found in the event Viewer that also includes Services (daemons on Ubuntu) and system related information.

dmesg – This log lists all boot-time kernel logging for a system. Also included are other kernel messages related to devices and module loading. dmesg log should be the first place to look for what types of devices were detected by the kernel at boot time as well as errors from the kernel when loading modules. A similar log known as ntbtlog.txt can be found on Windows if enabled after selecting Safe Mode during startup.

kern.log – Similar to dmesg that contain kernel logs, but includes timestamps.

messages – Also contains some kernel log messages, along with output from certain system programs and other programs such as gconfd (database of Gnome user settings).

daemon.log – Similar to messages found in syslog, but without log output from kernel or other system that log to syslog.

mail.log – if an email server is installed, any messages generated for the email application will log here.

apache – used for logs messages related to apache web server. On Windows IIS logs are found in Event Viewer.

Before we can get started, make sure your user account has Monitor system logs user privileges. You can check by opening
System \ Administration \ Users and Groups and select properties for your account. Then look in the User Privileges tab for Monitor system logs and verify it is checked.


Next open System Log Viewer from System \ Administration \ System Log


The default view displays a sidebar on the left listing several system logs with the selected log contents displayed in the right window pane. What I like about System Log Viewer is that you can easily select a date to view logs, instead of showing all dates as one listing. Also by default, message are updated in real time, but you can disable this by un-checking Monitor from the View menu.


If you want to add a log, for example dmesg, just select File \ Open and in the Open Log window, select the dmesg log file from /var/log directory. If you are looking for a specific message, you can filter searches by pressing Ctrl + F and the search box will appear at the bottom of the main window.

System Log Viewer is handy for users just starting out with Ubuntu and is easy to use when connected to the Console. But what if you are connected to a Terminal window locally or remotely via an SSH connection? You can easily view system and application logs from a Terminal session using several commands.

Let's look at the dmesg log file using the less command. At the prompt type:

less /var/log/dmesg


After typing the above command, you will be in an edit type mode, where you can use the up and down arrow keys to scroll through the log. Hit G (Shift + G) and you will scroll down to the bottom of the log, or use g to go to the top. Type F (Shift + F) and the less command will update (append) the log in real time as messages occur.

To search, type / followed by the keyword or phrase you are looking for. Search will highlight the keyword and you can type n to advance to the next match or N (Shift + N) to go back to the previous match.

Type Q (Shift + Q) to quit less.

Many other commands can be used, such as grep, cat, more, tail and others for viewing log files. This guide is kept simple to help Windows users switching over to Ubuntu to find and view system information for troubleshooting or just checking the Operating System health.

Comments on Ubuntu Guide For Windows Users: View Logs With System Log Viewer Leave a Comment

August 29, 2007

China Landscape @ 11:31 pm #

Do you know how to have color in syslog viewer ?

August 30, 2007
March 23, 2008

DamionKutaeff @ 6:39 am #

Hello everybody, my name is Damion, and I'm glad to join your conmunity,
and wish to assit as far as possible.

August 26, 2010

Julez @ 2:29 pm #

Install KSystemLog if you want colors and more functionality

Julez @ 2:30 pm #

@Julez: Lol just realized how old this is oh well all good for people like me who ended up here.

February 28, 2011

Park j c @ 11:49 pm #

I want to view, Ubuntu Log in My WindowsXP Desktop

help me

Leave a Comment

Fields marked by an asterisk (*) are required.

Subscribe without commenting