How to Read Log Files on Windows, Mac, and Linux
Logging is a data collection method that stores pieces of information about the events that take place in a computer system. There are different kinds of log files based on the kind of information they contain, the events that trigger log creation, and several other factors. This post focuses on log files created by the three main operating systems--Windows, Mac, and Linux, and on the main differences in the ways to access and read log files for each OS.
How Can I Read Log Files on a Windows Computer?
- Read Log Files Using Event Viewer
- Read Log Files Using a Text Editor
Event Viewer is utility software that helps Windows administrators troubleshoot various issues. Each event has its unique ID, which makes it easier to discover solutions for some problems by googling the event ID and reading about other people’s ways of dealing with them. Windows logs are divided into application, security, setup, system, and forwarded events folders for easier access.
Since .log is a plain text extension, you can read logs using any kind of text editing software - Notepad, Notepad++, Microsoft Word, etc. Many advanced users prefer Notepad++ because of its built-in features that make log reading easier. You can use Styler to highlight or color custom keywords such as warnings and errors you wish to trace, which allows you to read log files much faster.
How Can I Read Log Files on a Mac Computer?
- Terminal app
- Console app
- TextEdit or any other text editor
The Terminal app allows users to read log files using the command line. If you’re a beginner administrator with no previous knowledge of Unix, Terminal app might be too much of a challenge for you because it requires familiarity with basic Unix commands. If you prefer to use a point-and-click GUI, try another solution, such as the Console app.
The Console app is basically the Mac version of Event Viewer for Windows, and you can access it via Finder or Spotlight search. The default screen shows console errors, but you can go through other folders for other reports. The System Reports folder contains information about all system applications, while you can find user application logs in the User Reports folder. The folder called ~Library/Logs shows the user-specific application log folder for the currently logged-in user, and you can access other users’ data by logging out, signing in as another user, and reopening the Console app.
Finally, you can handle log files as you would any other text file and access them via a text editor like TextEdit. Unfortunately, handling log files with TextEdit isn’t as intuitive or simple as with Notepad++ for Windows, which is why many users who switch from Windows to Mac resort to other methods.
How Can I Read Log Files on a Linux Computer?
If you wish to read log files on Linux (or another Unix-like operating system), you can do it from the command line. To be able to see the files, you need to be logged in as root user - the account that has access to all parts of the system. Most log files on Linux can be found in the /var/log directory, but some desktop applications have their logs stored in a different place. For troubleshooting operating system and service issues, you can rely on /var/log to have all relevant data.
Most Common Linux Log File Names:
- /var/log/audt/audit.log - stores audit information
- /var/log/auth.log - stores system authorization information such as user logins and requests for privileged access
- /var/log/boot.log - stores all bootup messages from the initialization script
- /var/log/cron.log - stores all cron job activities
- /var/log/dpkg.log - stores all dpkg activities
- /var/log/kern.log - stores all kernel log information
- /var/log/yum.log - stores all yum activities
Should I Use Advanced Read Log Software?
While basic text editors are a good choice for users with modest demands, they come with performance limitations and lack advanced features compared to read log software. For example, a log file size can range from several kB to several MB (there are even instances of gargantuan logs that are several GB big), and if you try to open a file that is too big, you will get an error message. If it doesn’t crash, built-in software often works very slowly with large logs. Even if you manage to open a file that is a couple hundred MB big, it contains so many lines it is virtually impossible to find your way around by simply scrolling through them.
Depending on your system needs, consider using open source software or investing in a quality solution that enables you to go through log files with more speed, ease, and accuracy through centralized logging.