Järjestelmän tila


* Main messages in the system log;
/Listaa tärkeimmät viestit lokista (laita lokit näytölle ja aiheuta itse lokitapahtumia; tee selkeä kooste)

* Processes management (commands, process names and so on);
/Tarina prosessien hallinnasta (tee koneella; nimeä käskyt, prosessit jne)

* Draw some diagrams, displaying the processes (e.g., munin).
/Piirrä käyriä koneen tilasta (esim., munin)

System logs

System logs are mainly ordinary text files, which are in traditional system log directory /var/log. That’ll be our main working directory for now, and the most interesting logs in it would be auth.log and syslog.


located at /var/log/syslog, contains information on the whole Ubuntu system.


the autorization log, is a log file for tracking users’ login processes and sudo -command usage.

Useful tools

To see log files all you need is just a text viewer, even an editor would be an overkill. But you might probably prefer to use commands like less (shows a text file scren et a time), tail (presents end lines of a file) or head (outputs first lines of a file). And of course, grep -tool is a nice one to search for some specific information.

So here is the list of these terminal commands:

less, tail, head, grep, top;

  • TAIL,

a tool to view the final lines of a text file (here: log),

tail -F /var/log/auth

tail -5 /var/log/auth

tail -F /var/log/auth

tail -F /var/log/auth |grep username

  • GREP

a command to filter out  lines with the spesified term (the seach term is put after the grep -command):

grep justas /var/log/auth.log

grep “session opened” /var/log/auth.log

Process management

System tool to see running processes and used resources:


Also more versatile commands like top, ps, pstree can be used:

  • TOP,

a terminal command to see system running processes in real time, which gives an output like this:

TOP -terminal command

When viewing this output, it’s easy to kill a certain process (if it’s consuming too much of CPU resources or memory): press ‘k’ and then give the process PID.

  • PS,

viewing running processes with their equivalent id’s (PID). To see all the running processes, type:

ps -ef


To kill a certain process user needs to know PID (process ID) and then has to run command like:

kill xxxx (PID number instead of xxxx)

To check if the process has been really killed, run one of these commands

ps -ef

ps -efl

If it’s still running, then forceful option must be added:

kill -9 xxxx (again, xxxx is the number of the process to be killed)

In-depth material on system log, administrator tools and terminal commands:

  1. https://help.ubuntu.com/community/LinuxLogFiles
  2. http://www.linfo.org/command_index.html

Comments are closed.

%d bloggers like this: