Linux: Advanced Filtering and Analyzing System Logs with journalctl

What are journalctl Filters?

You can use filters with journalctl to narrow down and control which log entries are displayed. journalctl supports a wide range of filtering options, both by structured fields and by command-line flags.

Structured Fields: SYSLOG_IDENTIFIER, _SYSTEMD_UNIT, _UID, etc.
Command-Line Fields: --since, --until, -u, -p, --grep, etc.

Common journalctl Filters

| Filter Type | Example Command | Description |
|---|---|---|
| By Time | journalctl --since "8 hours ago" | Shows logs since a specific time |
| By Service/Unit | journalctl -u nginx.service | Shows logs for a specific service/unit |
| By Priority | journalctl -p warning | Shows logs at/above a certain severity |
| By Field | journalctl SYSLOG_IDENTIFIER=sudo | Shows logs where a field matches a value |
| By Boot | journalctl -b -1 | Shows logs from the previous boot |
| By Keyword | journalctl --grep "error" | Shows logs containing a keyword |

Advanced journalctl Filters

| Filter Type | Example Command | Description |
|---|---|---|
| By User ID | journalctl _UID=user_id | Filter logs by the user ID of the process that generated them |
| By Group ID | journalctl _GID=group_id | Filter logs by the group ID of the process that generated them |
| By Process ID | journalctl _PID=process_id | Filter logs by process ID |
| By Process Name | journalctl _COMM=nginx | Filter logs by process name (e.g. _COMM=nginx) |
| By Hostname | journalctl _HOSTNAME=hostname | Filter logs by hostname |
| By Executable Path | journalctl _EXE=exe_path | Filter logs by executable path (e.g. /usr/local/bin/hugo) |
| By Boot Session | journalctl _BOOT_ID=boot_id | Filter logs by a specific boot session |
| By Audit Session | journalctl _AUDIT_SESSION=session_id | Filter logs by audit session ID |
| By Syslog Facility Code | journalctl SYSLOG_FACILITY=facility_number | Filter logs by syslog facility code |

Alternatively, you can find the available filters in journalctl by using: ...

June 30, 2025 · 2 min · Yashwanth Rathakrishnan

Linux: Service Management with systemd

Checking Service Status In Detail

The systemctl status command provides detailed information about a service, including its current state (active, inactive, failed), recent log entries, and reasons for failure if the service is not running.

Example Command:

    sudo systemctl status apache2
    # or, for the httpd service
    sudo systemctl status httpd

Output:

    iamyaash@pi5:~ $ sudo systemctl status firewalld.service
    ● firewalld.service - firewalld - dynamic firewall daemon
         Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; preset: enabled)
         Active: active (running) since Sun 2025-06-29 20:30:48 IST; 1s ago
           Docs: man:firewalld(1)
       Main PID: 7956 (firewalld)
          Tasks: 2 (limit: 9585)
            CPU: 279ms
         CGroup: /system.slice/firewalld.service
                 └─7956 /usr/bin/python3 /usr/sbin/firewalld --nofork --nopid

    Jun 29 20:30:48 pi5 systemd[1]: Starting firewalld.service - firewalld - dynamic firewall daemon...
    Jun 29 20:30:48 pi5 systemd[1]: Started firewalld.service - firewalld - dynamic firewall daemon.

The output includes: ...

June 29, 2025 · 3 min · Yashwanth Rathakrishnan

Linux: Task Scheduling with systemd Timers

Practical guide to systemd timers, covering the differences from cron, the structure of timer files, key directives, and hands-on exercises.

June 29, 2025 · 3 min · Yashwanth Rathakrishnan

Linux: Creating and Customizing systemd Units

Important directives: ExecStart, ExecStop, Restart policies; Dependencies and ordering: Requires, Wants, Before, After; Writing your own service units with examples; Overriding units using drop-in configurations (systemctl edit)

June 29, 2025 · 4 min · Yashwanth Rathakrishnan

Linux: Manage File Permissions

This guide explains how to use Linux commands to manage file permissions, ownership and special permissions. Commands: chmod, chown, and chgrp.

June 27, 2025 · 3 min · Yashwanth Rathakrishnan

Linux: How To Mount And Un-Mount Permanently/Temporarily

Know how to mount and unmount storage effectively for temporary and permanent storage.

June 26, 2025 · 1 min · Yashwanth Rathakrishnan

Linux: Assigning Permissions and Group Ownership Automatically For Newly Created Files & Directories (umask & chgrp)

How to ensure that new files created in a shared directory are automatically assigned to the directory's group rather than the group of the user who created them.

June 25, 2025 · 2 min · Yashwanth Rathakrishnan

Linux: firewalld & iptables

Firewalls in Linux system administration, focussing on both firewalld and iptables.

June 24, 2025 · 3 min · Yashwanth Rathakrishnan

Linux Tools: dd Utility Tool

dd is a Linux tool that is widely used in system administration and is essential for many low-level tasks involving disks, partitions, and files at the block level.

June 22, 2025 · Yashwanth Rathakrishnan

Linux: Log Analysis and Journals

Understanding Linux log locations, using journalctl, analyzing traditional logs, filtering and searching logs with grep, less and time filters.

June 22, 2025 · 3 min · Yashwanth Rathakrishnan