Linux Command - dmesg

The Linux command dmesg ( diagnostic messages ) prints out the kernel message buffer. The dmesg buffer is limited in size so the output is also usually captured by syslog or whatever logging service the system is using. It shows messages from the kernel ring buffer.

kernel ring buffer

• Special in-memory log inside the Linux kernel
• Contains kernel and driver messages
• Circular queue, when it fills up, new messages overwrite the oldest.

Contains:

• Hardware detection during boot
• Driver initialization and status
• Kernel warnings, errors, or panics
• System events at runtime
• Info from before users space logging

There are more options available but these are what I thought was most relevant and this is probably more than you will ever really use.

Print kernel message buffer:

dmesg

Show kernel messages and keep showing new messages ( like tail -f ):

dmesg -w    # follow new messages
dmesg -W    # only new messges

Kernel error or warn messages:

dmesg --level err
dmesg --level err,warn

Common use:

dmesg | less                # one page at a time
sudo dmesg | grep -i usb    # search for string

Useful options:

dmesg -T   # with time stamps
dmesg -H   # human readable
dmesg -L   # colorize
dmesg -J   # JSON
dmesg -C   # clear the buffer

-C	clear the ring buffer
-c	read, then clear

Logging services save this info too

rsyslog or syslog-ng save messages from the ring buffer:

/var/log/kern.log   # just kernel messages
/var/log/messages   # general system messages

systemd-journald saves messages from the ring buffer:

journalctl -k          # only kernel messages
journalctl -k -b -1    # kernel messages from previous boot