Sometime we underestimate the existence of logs. For system administrator logs is important. From log, we can analyze what cause an error. Linux has dmesg or Display Messages. Why we need to know about dmesg? Let’s start to explore it.
What is dmesg
dmesg is a command that print kernel messages into your screen. What kind of messages does dmesg print? dmesg print its data by reading the kernel ring buffer. The data can be information about processor, harddisk, printer, keyboard, memory and drivers. Since dmesg read all messages from kernel ring buffer which is a real time data, the output messages can be long messages.
How to run dmesg
You can type dmesg on your console. Here’s a sample print out of dmesg without any parameter.
$ dmesg
Sample output :
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Linux version 3.8.0-31-generic (buildd@aatxe) (gcc version 4.7.3 (Ubuntu/Linaro 4.7.3-1ubuntu1) ) #46-Ubuntu SMP Tue Sep 10 19:56:49 UTC 2013 (Ubuntu 3.8.0-31.46-generic 3.8.13.8)
[ 0.000000] KERNEL supported cpus:
[ 0.000000] Intel GenuineIntel
[ 0.000000] AMD AuthenticAMD
[ 0.000000] NSC Geode by NSC
[ 0.000000] Cyrix CyrixInstead
[ 0.000000] Centaur CentaurHauls
[ 0.000000] Transmeta GenuineTMx86
[ 0.000000] Transmeta TransmetaCPU
[ 0.000000] UMC UMC UMC UMC
dmesg output is divided into 3 parts.
- Time : this show you number of seconds from the boot time. If you find 20.091730. It is mean the message is created 20 second after boot time.
- Device_name : this show you the device name
- Messages : this is the actual message. From here, we can analyze what was happen.
Why we need dmesg
Here’s some real example on my computer. I had this error when open Chrome browser.
When I check via dmesg, I got this message.
Now it’s clear for me that the cause of the error was Out of Memory. It was happen when I tried to open more than 15 tabs. So next time, I will aware that I should not open more than 15 tabs.
Using dmesg with pipe ( | ) sign
Run dmesg without parameter will produce a long messages. To make it easier to read, combine it with pipe ( | ) sign. Here’s some examples.
Print dmesg output per page
$ dmesg | less
Sample output :
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Linux version 3.8.0-31-generic (buildd@aatxe) (gcc version 4.7.3 (Ubuntu/Linaro 4.7.3-1ubuntu1) ) #46-Ubuntu SMP Tue Sep 10 19:56:49 UTC 2013 (Ubuntu 3.8.0-31.46-generic 3.8.13.8)
[ 0.000000] KERNEL supported cpus:
[ 0.000000] Intel GenuineIntel
[ 0.000000] AMD AuthenticAMD
[ 0.000000] NSC Geode by NSC
[ 0.000000] Cyrix CyrixInstead
[ 0.000000] Centaur CentaurHauls
[ 0.000000] Transmeta GenuineTMx86
[ 0.000000] Transmeta TransmetaCPU
[ 0.000000] UMC UMC UMC UMC
Print information related to eth
$ dmesg | grep eth
Sample output :
[ 1.972418] e1000 0000:00:03.0 eth0: (PCI:33MHz:32-bit) 08:00:27:d2:c1:16
[ 1.972430] e1000 0000:00:03.0 eth0: Intel(R) PRO/1000 Network Connection
[ 18.867656] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 21.733138] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 21.737967] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 21.738052] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Print information related to USB
$ dmesg | grep usb
Sample output :
[ 0.131874] ACPI: bus type usb registered
[ 0.131910] usbcore: registered new interface driver usbfs
[ 0.131921] usbcore: registered new interface driver hub
[ 0.131955] usbcore: registered new device driver usb
[ 1.091722] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001
[ 1.091727] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 1.091730] usb usb1: Product: OHCI Host Controller
[ 1.091731] usb usb1: Manufacturer: Linux 3.8.0-31-generic ohci_hcd
[ 1.091733] usb usb1: SerialNumber: 0000:00:06.0
Please notice that grep command is case-sensitive. USB is different usb. To ignore case-sensitive feature, use -i parameter after grep command. Compare this command output with USB case above.
$ dmesg | grep -i usb
Sample output :
[ 0.131874] ACPI: bus type usb registered
[ 0.131910] usbcore: registered new interface driver usbfs
[ 0.131921] usbcore: registered new interface driver hub
[ 0.131955] usbcore: registered new device driver usb
[ 0.997759] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 0.997783] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[ 0.997929] ohci_hcd 0000:00:06.0: new USB bus registered, assigned bus number 1
[ 1.091722] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001
[ 1.091727] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 1.091730] usb usb1: Product: OHCI Host Controller
[ 1.091731] usb usb1: Manufacturer: Linux 3.8.0-31-generic ohci_hcd
[ 1.091733] usb usb1: SerialNumber: 0000:00:06.0
[ 1.091856] hub 1-0:1.0: USB hub found
[ 1.093110] uhci_hcd: USB Universal Host Controller Interface driver
dmesg parameters
You can also run dmesg using its parameter. Here are some examples :
Print with human readable time
By default, timestamp from dmesg output is not human readable. To make it human readable, you can use - -ctime parameter.
$ dmesg - -ctime
Sample output :
[Tue Dec 10 16:34:33 2013] 131MB HIGHMEM available.
[Tue Dec 10 16:34:33 2013] 891MB LOWMEM available.
[Tue Dec 10 16:34:33 2013] mapped low ram: 0 - 37bfe000
[Tue Dec 10 16:34:33 2013] low ram: 0 - 37bfe000
[Tue Dec 10 16:34:33 2013] Zone ranges:
[Tue Dec 10 16:34:33 2013] DMA [mem 0x00010000-0x00ffffff] [Tue Dec 10 16:34:33 2013] Normal [mem 0x01000000-0x37bfdfff] [Tue Dec 10 16:34:33 2013] HighMem [mem 0x37bfe000-0x3ffeffff] [Tue Dec 10 16:34:33 2013] Movable zone start for each node
[Tue Dec 10 16:34:33 2013] Early memory node ranges
[Tue Dec 10 16:34:33 2013] node 0: [mem 0x00010000-0x0009efff] [Tue Dec 10 16:34:33 2013] node 0: [mem 0x00100000-0x3ffeffff
Please notice that -ctime parameter may not accurate IF you do SUSPEND/RESUME.
Don’t print timestamp
If you don’t want to see timestamp, you can use -t parameter
$ dmesg -t
Sample output :
Bluetooth: Core ver 2.16
NET: Registered protocol family 31
Bluetooth: HCI device and connection manager initialized
Bluetooth: HCI socket layer initialized
Bluetooth: L2CAP socket layer initialized
Bluetooth: SCO socket layer initialized
Bluetooth: BNEP (Ethernet Emulation) ver 1.3
Bluetooth: BNEP filters: protocol multicast
Bluetooth: BNEP socket layer initialized
Display facility list
dmesg can also only print message from particular category or facility. To fulfill this purpose, use --facility paramater
$ dmesg --facility=daemon
Sample output :
[ 1.325619] udevd[95]: starting version 175
[ 18.946799] udevd[446]: starting version 175
That option will print messages from system daemon only.
Supported log facilities are :
kern - kernel messages
user - random user-level messages
mail - mail system
daemon - system daemons
auth - security/authorization messages
syslog - messages generated internally by syslogd
lpr - line printer subsystem
news - network news subsystemt
Print log level
dmesg can also print log based on level. To print output like this, use - -level parameter
$ dmesg - -level=err
Sample output :
[ 0.000000] tsc: Fast TSC calibration failed
[ 19.595760] piix4_smbus 0000:00:07.0: SMBus base address uninitialized - upgrade BIOS or use force_addr=0xaddr
This option will print error messages only.
Supported levels are :
emerg - system is unusable
alert - action must be taken immediately
crit - critical conditions
err - error conditions
warn - warning conditions
notice - normal but significant condition
info - informational
debug - debug-level messages
Decode facility and level (priority) number
You can put information about facility and level number without using --facility or --level parameter. Use -x parameter to decode facility and level number into human readable prefixes.
$ dmesg -x
Sample output :
kern :debug : [ 0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
kern :info : [ 0.000000] e820: last_pfn = 0x3fff0 max_arch_pfn = 0x1000000
kern :debug : [ 0.000000] MTRR default type: uncachable
kern :debug : [ 0.000000] MTRR variable ranges disabled:
kern :info : [ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
kern :info : [ 0.000000] CPU MTRRs all blank - virtualized system.
Clear dmesg output
If you need to clear the ring buffer message, you can use -c parameter
$ dmesg -c
This parameter will produce dmesg output then deleted it. You must have root privilege to do this action. Otherwise you will have an error message like this :
pungki@dev-machine:~$ dmesg -c
dmesg: klogctl failed: Operation not permitted
If you are using -C parameter (capital C), then the logs will be immediately deleted. This parameter also need root privilege.
$ dmesg -C
Is it really deleted?
If you accidentally delete the logs using -c or -C parameters, this not really delete the logs. You can still view the logs by accessing file /var/log/kern.log or /var/log/dmesg
Conclusion
dmesg can be useful for diagnostic problems related to the system. dmesg records every messages since the machine is boot-up. dmesg also records all system changes that occur in real time. This is one of the Linux command that must known by System Administrator. As always, you can type man dmesg to get more detailed information.
This is your friend
$ dmesg –-ctime
not
$ dmesg –ctime
Thank you very much for you feedback. Its now fixed.