Linux dmesg命令帮你处理故障和收集系统信息的几种方法

‘dmesg’命令显示linux内核的环形缓冲区信息，我们可以从中获得诸如系统架构、cpu、挂载的硬件，RAM等多个运行级别的大量的系统信息。当计算机启动时，系统内核（操作系统的核心部分）将会被加载到内存中。在加载的过程中会显示很多的信息，在这些信息中我们可以看到内核检测硬件设备。

 

dmesg 命令的使用范例

---

‘dmesg’命令设备故障的诊断是非常重要的。在‘dmesg’命令的帮助下进行硬件的连接或断开连接操作时，我们可以看到硬件的检测或者断开连接的信息。‘dmesg’命令在多数基于Linux和Unix的操作系统中都可以使用。

下面我们展示一些最负盛名的‘dmesg’命令工具以及其实际使用举例。‘dmesg’命令的使用语法如下。

# dmesg [options...]

 

1. 列出加载到内核中的所有驱动

---

我们可以使用如‘more’。 ‘tail’, ‘less ’或者‘grep’文字处理工具来处理‘dmesg’命令的输出。由于dmesg日志的输出不适合在一页中完全显示，因此我们使用管道（pipe）将其输出送到more或者less命令单页显示。

[root@localhost ~]# dmesg | more
[root@localhost ~]# dmesg | less
[root@localhost ~]# dmesg | more
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Initializing cgroup subsys cpuacct
[    0.000000] Linux version 3.10.0-693.el7.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP T
ue Aug 22 21:09:27 UTC 2017
[    0.000000] Command line: BOOT_IMAGE=/vmlinuz-3.10.0-693.el7.x86_64 root=UUID=3fad8445-5de7-47b4-bcbb-cce2cfb68fe6 ro crashkernel=auto rhgb quiet
 LANG=en_US.UTF-8
[    0.000000] Disabled fast string operations
[    0.000000] e820: BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ebff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009ec00-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000dc000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000031edffff] usable
[    0.000000] BIOS-e820: [mem 0x0000000031ee0000-0x0000000031efefff] ACPI data
[    0.000000] BIOS-e820: [mem 0x0000000031eff000-0x0000000031efffff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x0000000031f00000-0x0000000031ffffff] usable
[    0.000000] BIOS-e820: [mem 0x00000000f0000000-0x00000000f7ffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec0ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fffe0000-0x00000000ffffffff] reserved
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] SMBIOS 2.7 present.
[    0.000000] DMI: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/19/2017
[    0.000000] Hypervisor detected: VMware
[    0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[    0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
[    0.000000] e820: last_pfn = 0x32000 max_arch_pfn = 0x400000000
[    0.000000] MTRR default type: uncachable

 

2. 列出所有被检测到的硬件

---

要显示所有被内核检测到的硬盘设备，你可以使用‘grep’命令搜索‘sda’关键词，如下：

[root@localhost ~]# dmesg | grep sda
[    0.904868] sd 0:0:0:0: [sda] 25165824 512-byte logical blocks: (12.8 GB/12.0 GiB)
[    0.904899] sd 0:0:0:0: [sda] Write Protect is off
[    0.904903] sd 0:0:0:0: [sda] Mode Sense: 61 00 00 00
[    0.904932] sd 0:0:0:0: [sda] Cache data unavailable
[    0.904935] sd 0:0:0:0: [sda] Assuming drive cache: write through
[    0.905716]  sda: sda1 sda2 sda3
[    0.905986] sd 0:0:0:0: [sda] Attached SCSI disk
[    1.445603] XFS (sda3): Mounting V5 Filesystem
[    1.453474] XFS (sda3): Ending clean mount
[    2.382062] Adding 524284k swap on /dev/sda2.  Priority:-1 extents:1 across:524284k FS
[    2.404372] XFS (sda1): Mounting V5 Filesystem
[    2.660520] XFS (sda1): Ending clean mount

注解 ‘sda’表示第一块 SATA硬盘，‘sdb’表示第二块SATA硬盘。若想查看IDE硬盘搜索‘hda’或‘hdb’关键词。 

 

3. 只输出dmesg命令的前20行日志

---

在‘dmesg’命令后跟随‘head’命令来显示开始几行，‘dmesg | head -20′命令将显示开始的前20行。

[root@localhost ~]# dmesg head head -n 20
dmesg: unknown level '20'
[root@localhost ~]# dmesg | head -n 20
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Initializing cgroup subsys cpuacct
[    0.000000] Linux version 3.10.0-693.el7.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Aug 22 21:09:27 UTC 2017
[    0.000000] Command line: BOOT_IMAGE=/vmlinuz-3.10.0-693.el7.x86_64 root=UUID=3fad8445-5de7-47b4-bcbb-cce2cfb68fe6 ro crashkernel=auto rhgb quiet LANG=en_US.UTF-8
[    0.000000] Disabled fast string operations
[    0.000000] e820: BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ebff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009ec00-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000dc000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000031edffff] usable
[    0.000000] BIOS-e820: [mem 0x0000000031ee0000-0x0000000031efefff] ACPI data
[    0.000000] BIOS-e820: [mem 0x0000000031eff000-0x0000000031efffff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x0000000031f00000-0x0000000031ffffff] usable
[    0.000000] BIOS-e820: [mem 0x00000000f0000000-0x00000000f7ffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec0ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fffe0000-0x00000000ffffffff] reserved
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] SMBIOS 2.7 present.

 

4. 只输出dmesg命令最后20行日志

---

在‘dmesg’命令后跟随‘tail’命令（‘ dmesg | tail -20’）来输出‘dmesg’命令的最后20行日志，当你插入可移动设备时它是非常有用的。

[root@localhost ~]# dmesg | tail -20
[    2.404372] XFS (sda1): Mounting V5 Filesystem
[    2.420959] alg: No test for crc32 (crc32-pclmul)
[    2.553883] ppdev: user-space parallel port driver
[    2.660520] XFS (sda1): Ending clean mount
[    2.749327] type=1305 audit(1585559958.793:3): audit_pid=463 old=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=1
[    3.122492] NET: Registered protocol family 40
[    3.256780] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[    3.264972] e1000: ens32 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[    5.286500] floppy0: no floppy controllers found
[    5.286553] work still pending
[  622.947463] e1000: ens32 NIC Link is Down
[  623.489946] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[  624.113745] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[  624.951032] e1000: ens32 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  624.952857] IPv6: ADDRCONF(NETDEV_CHANGE): ens32: link becomes ready
[ 7703.119935] e1000: ens32 NIC Link is Down
[ 7703.628247] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[ 7704.343731] IPv6: ADDRCONF(NETDEV_UP): ens32: link is not ready
[ 7705.131975] e1000: ens32 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 7705.133574] IPv6: ADDRCONF(NETDEV_CHANGE): ens32: link becomes ready

 

5. 搜索包含特定字符串的被检测到的硬件(dmesg -T打印时间)

---

由于‘dmesg’命令的输出实在太长了，在其中搜索某个特定的字符串是非常困难的。因此，有必要过滤出一些包含‘usb’ ‘dma’ ‘tty’ ‘memory’等字符串的日志行。grep 命令 的‘-i’选项表示忽略大小写。

[root@localhost ~]# dmesg | grep -i usb
[root@localhost ~]# dmesg | grep -i dma
[root@localhost ~]# dmesg | grep -i tty
[root@localhost ~]# dmesg | grep -i memory

[root@localhost ~]# dmesg | grep -i memory
[    0.000000] Base memory trampoline at [ffff880000098000] 98000 size 24576
[    0.000000] crashkernel=auto resulted in zero bytes of reserved memory.
[    0.000000] Early memory node ranges
[    0.000000] PM: Registered nosave memory: [mem 0x0009e000-0x0009efff]
[    0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
............................................................

[root@localhost log]# dmesg -T | grep -i memory
[Fri May 29 13:24:17 2020] Base memory trampoline at [ffff880000098000] 98000 size 24576
[Fri May 29 13:24:17 2020] crashkernel=auto resulted in zero bytes of reserved memory.
[Fri May 29 13:24:17 2020] Early memory node ranges
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x0009e000-0x0009efff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x000a0000-0x000dbfff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x000dc000-0x000fffff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x31ee0000-0x31efefff]
[Fri May 29 13:24:17 2020] PM: Registered nosave memory: [mem 0x31eff000-0x31efffff]
[Fri May 29 13:24:17 2020] Memory: 752712k/819200k available (6886k kernel code, 524k absent, 65964k reserved, 4545k data, 1764k init)

redis OMM killer信息通过dmesg查看

#比如你在redis日志中发现如下信息，可以查看操作系统日志dmesg -T | grep redis
10866:M 05 Sep 20:15:19.711 # Background saving terminated by signal 9
10866:M 05 Sep 20:18:43.898 # Background saving terminated by signal 9
10866:M 05 Sep 20:26:46.434 # Background saving terminated by signal 9
10866:M 05 Sep 20:34:49.161 # Background saving terminated by signal 9
10866:M 05 Sep 20:42:52.406 # Background saving terminated by signal 9

dmesg -T | grep redis | grep "Out of memory"

[Mon Sep 5 20:15:18 2016] Out of memory: Kill process 725 (redis-server) score 517 or sacrifice child
[Mon Sep 5 20:18:42 2016] Out of memory: Kill process 786 (redis-server) score 517 or sacrifice child
[Mon Sep 5 20:26:45 2016] Out of memory: Kill process 914 (redis-server) score 517 or sacrifice child


dmesg -T | grep redis | grep "oom-killer"

[Mon Sep 5 20:26:44 2016] redis-server invoked oom-killer: gfp_mask=0x10200da, order=0, oom_score_adj=0
[Mon Sep 5 21:32:53 2016] redis-server invoked oom-killer: gfp_mask=0x8200da, order=0, oom_score_adj=0

 

6. 清空dmesg缓冲区日志

---

我们可以使用如下命令来清空dmesg的日志。该命令会清空dmesg环形缓冲区中的日志。但是你依然可以查看存储在‘/var/log/dmesg’文件中的日志。你连接任何的设备都会产生dmesg日志输出。

[root@localhost ~]# dmesg -c

结论：dmesg命令在系统dmesg记录实时更改或产生的情况下是非常有用的。你可以使用man dmesg来获取更多关于dmesg的信息。