‘dmesg’命令顯示linux內核的環形緩衝區信息,我們可以從中獲得諸如系統架構、cpu、掛載的硬件,RAM等多個運行級別的大量的系統信息。當計算機啓動時,系統內核(操作系統的核心部分)將會被加載到內存中。在加載的過程中會顯示很多的信息,在這些信息中我們可以看到內核檢測硬件設備。
dmesg 命令的使用範例
‘dmesg’命令設備故障的診斷是非常重要的。在‘dmesg’命令的幫助下進行硬件的連接或斷開連接操作時,我們可以看到硬件的檢測或者斷開連接的信息。‘dmesg’命令在多數基於Linux和Unix的操作系統中都可以使用。
下面我們展示一些最負盛名的‘dmesg’命令工具以及其實際使用舉例。‘dmesg’命令的使用語法如下。
# dmesg [options...]
1. 列出加載到內核中的所有驅動
我們可以使用如‘more’。 ‘tail’, ‘less ’或者‘grep’文字處理工具來處理‘dmesg’命令的輸出。由於dmesg日誌的輸出不適合在一頁中完全顯示,因此我們使用管道(pipe)將其輸出送到more或者less命令單頁顯示。
[root@localhost ~]# dmesg | more
[root@localhost ~]# dmesg | less
[root@localhost ~]# dmesg | more
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 3.10.0-693.el7.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP T
ue Aug 22 21:09:27 UTC 2017
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-3.10.0-693.el7.x86_64 root=UUID=3fad8445-5de7-47b4-bcbb-cce2cfb68fe6 ro crashkernel=auto rhgb quiet
LANG=en_US.UTF-8
[ 0.000000] Disabled fast string operations
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ebff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009ec00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000dc000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000031edffff] usable
[ 0.000000] BIOS-e820: [mem 0x0000000031ee0000-0x0000000031efefff] ACPI data
[ 0.000000] BIOS-e820: [mem 0x0000000031eff000-0x0000000031efffff] ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x0000000031f00000-0x0000000031ffffff] usable
[ 0.000000] BIOS-e820: [mem 0x00000000f0000000-0x00000000f7ffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec0ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fffe0000-0x00000000ffffffff] reserved
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 2.7 present.
[ 0.000000] DMI: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/19/2017
[ 0.000000] Hypervisor detected: VMware
[ 0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[ 0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
[ 0.000000] e820: last_pfn = 0x32000 max_arch_pfn = 0x400000000
[ 0.000000] MTRR default type: uncachable
2. 列出所有被檢測到的硬件
要顯示所有被內核檢測到的硬盤設備,你可以使用‘grep’命令搜索‘sda’關鍵詞,如下:
[root@localhost ~]# dmesg | grep sda
[ 0.904868] sd 0:0:0:0: [sda] 25165824 512-byte logical blocks: (12.8 GB/12.0 GiB)
[ 0.904899] sd 0:0:0:0: [sda] Write Protect is off
[ 0.904903] sd 0:0:0:0: [sda] Mode Sense: 61 00 00 00
[ 0.904932] sd 0:0:0:0: [sda] Cache data unavailable
[ 0.904935] sd 0:0:0:0: [sda] Assuming drive cache: write through
[ 0.905716] sda: sda1 sda2 sda3
[ 0.905986] sd 0:0:0:0: [sda] Attached SCSI disk
[ 1.445603] XFS (sda3): Mounting V5 Filesystem
[ 1.453474] XFS (sda3): Ending clean mount
[ 2.382062] Adding 524284k swap on /dev/sda2. Priority:-1 extents:1 across:524284k FS
[ 2.404372] XFS (sda1): Mounting V5 Filesystem
[ 2.660520] XFS (sda1): Ending clean mount
註解 ‘sda’表示第一塊 SATA硬盤,‘sdb’表示第二塊SATA硬盤。若想查看IDE硬盤搜索‘hda’或‘hdb’關鍵詞。
3. 只輸出dmesg命令的前20行日誌
在‘dmesg’命令後跟隨‘head’命令來顯示開始幾行,‘dmesg | head -20′命令將顯示開始的前20行。
[root@localhost ~]# dmesg head head -n 20
dmesg: unknown level '20'
[root@localhost ~]# dmesg | head -n 20
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 3.10.0-693.el7.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Aug 22 21:09:27 UTC 2017
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-3.10.0-693.el7.x86_64 root=UUID=3fad8445-5de7-47b4-bcbb-cce2cfb68fe6 ro crashkernel=auto rhgb quiet LANG=en_US.UTF-8
[ 0.000000] Disabled fast string operations
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ebff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009ec00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000dc000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000031edffff] usable
[ 0.000000] BIOS-e820: [mem 0x0000000031ee0000-0x0000000031efefff] ACPI data
[ 0.000000] BIOS-e820: [mem 0x0000000031eff000-0x0000000031efffff] ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x0000000031f00000-0x0000000031ffffff] usable
[ 0.000000] BIOS-e820: [mem 0x00000000f0000000-0x00000000f7ffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec0ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fffe0000-0x00000000ffffffff] reserved
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 2.7 present.
4. 只輸出dmesg命令最後20行日誌
在‘dmesg’命令後跟隨‘tail’命令(‘ dmesg | tail -20’)來輸出‘dmesg’命令的最後20行日誌,當你插入可移動設備時它是非常有用的。
[root@localhost ~]# dmesg | tail -20
[ 2.404372] XFS (sda1): Mounting V5 Filesystem
[ 2.420959] alg: No test for crc32 (crc32-pclmul)
[ 2.553883] ppdev: user-space parallel port driver
[ 2.660520] XFS (sda1): Ending clean mount
[ 2.749327] type=1305 audit(1585559958.793:3): audit_pid=463 old=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=1
[ 3.122492] NET: Registered protocol family 40
[ 3.256780] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[ 3.264972] e1000: ens32 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 5.286500] floppy0: no floppy controllers found
[ 5.286553] work still pending
[ 622.947463] e1000: ens32 NIC Link is Down
[ 623.489946] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[ 624.113745] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[ 624.951032] e1000: ens32 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 624.952857] IPv6: ADDRCONF(NETDEV_CHANGE): ens32: link becomes ready
[ 7703.119935] e1000: ens32 NIC Link is Down
[ 7703.628247] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[ 7704.343731] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[ 7705.131975] e1000: ens32 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 7705.133574] IPv6: ADDRCONF(NETDEV_CHANGE): ens32: link becomes ready
5. 搜索包含特定字符串的被檢測到的硬件(dmesg -T打印時間)
由於‘dmesg’命令的輸出實在太長了,在其中搜索某個特定的字符串是非常困難的。因此,有必要過濾出一些包含‘usb’ ‘dma’ ‘tty’ ‘memory’等字符串的日誌行。grep 命令 的‘-i’選項表示忽略大小寫。
[root@localhost ~]# dmesg | grep -i usb
[root@localhost ~]# dmesg | grep -i dma
[root@localhost ~]# dmesg | grep -i tty
[root@localhost ~]# dmesg | grep -i memory
[root@localhost ~]# dmesg | grep -i memory
[ 0.000000] Base memory trampoline at [ffff880000098000] 98000 size 24576
[ 0.000000] crashkernel=auto resulted in zero bytes of reserved memory.
[ 0.000000] Early memory node ranges
[ 0.000000] PM: Registered nosave memory: [mem 0x0009e000-0x0009efff]
[ 0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
............................................................
[root@localhost log]# dmesg -T | grep -i memory
[Fri May 29 13:24:17 2020] Base memory trampoline at [ffff880000098000] 98000 size 24576
[Fri May 29 13:24:17 2020] crashkernel=auto resulted in zero bytes of reserved memory.
[Fri May 29 13:24:17 2020] Early memory node ranges
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x0009e000-0x0009efff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x000a0000-0x000dbfff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x000dc000-0x000fffff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x31ee0000-0x31efefff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x31eff000-0x31efffff]
[Fri May 29 13:24:17 2020] Memory: 752712k/819200k available (6886k kernel code, 524k absent, 65964k reserved, 4545k data, 1764k init)
redis OMM killer信息通過dmesg查看
#比如你在redis日誌中發現如下信息,可以查看操作系統日誌dmesg -T | grep redis
10866:M 05 Sep 20:15:19.711 # Background saving terminated by signal 9
10866:M 05 Sep 20:18:43.898 # Background saving terminated by signal 9
10866:M 05 Sep 20:26:46.434 # Background saving terminated by signal 9
10866:M 05 Sep 20:34:49.161 # Background saving terminated by signal 9
10866:M 05 Sep 20:42:52.406 # Background saving terminated by signal 9
dmesg -T | grep redis | grep "Out of memory"
[Mon Sep 5 20:15:18 2016] Out of memory: Kill process 725 (redis-server) score 517 or sacrifice child
[Mon Sep 5 20:18:42 2016] Out of memory: Kill process 786 (redis-server) score 517 or sacrifice child
[Mon Sep 5 20:26:45 2016] Out of memory: Kill process 914 (redis-server) score 517 or sacrifice child
dmesg -T | grep redis | grep "oom-killer"
[Mon Sep 5 20:26:44 2016] redis-server invoked oom-killer: gfp_mask=0x10200da, order=0, oom_score_adj=0
[Mon Sep 5 21:32:53 2016] redis-server invoked oom-killer: gfp_mask=0x8200da, order=0, oom_score_adj=0
6. 清空dmesg緩衝區日誌
我們可以使用如下命令來清空dmesg的日誌。該命令會清空dmesg環形緩衝區中的日誌。但是你依然可以查看存儲在‘/var/log/dmesg’文件中的日誌。你連接任何的設備都會產生dmesg日誌輸出。
[root@localhost ~]# dmesg -c
結論:dmesg命令在系統dmesg記錄實時更改或產生的情況下是非常有用的。你可以使用man dmesg來獲取更多關於dmesg的信息。