How to use the dmesg Command on Linux
dmesg is a display message command and to display kernel-related messages on Unix-like systems. It used to control the kernel ring buffer. The output contains messages produced by the device drivers.
Usage of dmesg command:
All the messages received from the kernel ring buffer is displayed when we execute the command “dmesg”, here only the latest messages will be shown. This is used to check messages stored in the kernel ring buffer. In the case of non-root user use “sudo” to run root-level commands without being root.
$ sudo dmesg
While we use the dmesg command it gives large output, we can use tail, head or less command to view the logs page wise. To search for a specific log or term of your choice with the help of forward slash “/” to search within less
$ sudo dmesg | less
dmesg gives coloured output by default as shown above but if you want to colourize it for proper understanding of the messages then you can colourize them using the “L” command.
$ sudo dmesg -L
dmesg uses timestamps in seconds and nanoseconds, for human-friendly format use the “H” option for timestamps. The same is displayed in less. In the timestamp, it shows the date and time. Messages taking place every minute are marked as seconds and nanoseconds.
$ sudo dmesg -H
We use -T (human-readable) option as they display with standard date and time. In this option, the resolution is lowered by a minute
$ sudo dmesg -T
To monitor real-time logs –follow option is used with dmesg, and it displays the recent messages at the bottom of the terminal
$ sudo dmesg --follow
As we see that dmesg gives out large output, we can use the tail or head option to list out a specific number of messages and view them. Here we check for the first 10 messages using the head option
$ sudo dmesg | head -10
The last 10 messages are displayed using the tail option
$ sudo dmesg | tail -10
Here we’ll use the -i (ignore) option to search for a specific string or patterns or message by scanning through the dmesg output but this option will ignore the case of the strings and will focus only on the string we search for. In the results, it will display messages for both “USB” and “usb” combinations
$ sudo dmesg | grep -i usb
Searching messaged related to Memory, RAM, Hard Disk or USB Drive using grep command with dmesg. Here grep is used with “sda” to check which hard disks have been detected by the kernel. sda command is used to check for hard disk and will display the messages wherever sda is listed
$ sudo dmesg | grep -i sda
A level is assigned to each message logged to the kernel ring buffer. The level represents the significance of the information in the communication. The levels are as follows:
- emerg: The system is unusable.
- alert: Action must be taken immediately.
- crit: Critical conditions.
- err: Error conditions.
- warn: Warning conditions.
- notice: Normal but significant condition.
- info: Informational.
- debug: Debug-level messages.
Extracting messages using the -l (level) option with dmesg followed by the name of the level. Here we list all the informational messages using level “info” with the dmesg command they will display the notifications which are needed and important.
$ sudo dmesg -l info
To extract messages with multiple log levels we have to combine two or more log levels. Here we are using “debug and notice” log levels to extract messages.
$ sudo dmesg -l debug,notice
Another example of combining more than one log level is “err and warn” where it will display error logs and warning logs
$ sudo dmesg --level=err,warn
Displaying dmesg messages for eth0 user interface use grep option followed by eth0
$ sudo dmesg | grep -i eth0
Filtering dmesg messages using facility option -f where it will display messages of a particular facility “daemon”.
$ sudo dmesg -f daemon
-x (decode) option is used to display the facility and level as prefixes of every line in a human-readable format.
$ sudo dmesg -x