redhat system log jurnal - ghdrako/doc_snipets GitHub Wiki

Redhat it introduced its own logging system called systemd-journald.Systemd-journald saves the events and messages in a binary format that cannot be read with a text editor.

• The systemd journal is configured by default to store logs only in a small ring-buffer in /run/log/journal, which is not persistent.
• Journal database logs do not survive a system reboot.

journalctl –help
journalctl
journalctl -n
journalctl -n {number}
journalctl -n 20          # view the last 20 entries
journalctl -f             # output new journal entries as they are written to the journal
journalctl -k             # display the kernel message log from the last boot
journalctl -p crit        # view journal entries based on their critical priority
journalctl --since today  # view journal entries for today
journalctl -u sshd        # view journal entries related to the sshd daemon
# The same applies to other services running under systemd that can be stopped and started with systemctl.
journalctl -u httpd –since "1 hour ago" #  check for messages related to the httpd service for the past hour