dmesg display packet info while journalctl --dmesg show none on my centos?

Question

# cat /proc/version 
Linux version 2.6.32-042stab125.5 (root@kbuild-rh6-x64.eng.sw.ru) (gcc version 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) ) #1 SMP Tue Oct 17 12:48:22 MSK 2017

For the logging chain in my iptables.

Chain LOGGING (2 references)
target     prot opt source               destination         
LOG        tcp  --  anywhere             anywhere             tcp dpt:ssh limit: avg 2/min burst 5 LOG level debug prefix "drop port 22"

Inspect all logging records.

# dmesg 
RGP=0 
[404925.404804] drop port 22IN=venet0 OUT= MAC= SRC=111.111.111.111 DST=222.222.222.222 LEN=136 TOS=0x00 PREC=0x00 TTL=45 ID=23569 DF PROTO=TCP SPT=25103 DPT=22 WINDOW=282 RES=0x00 ACK PSH URGP=0 
[404955.495105] drop port 22IN=venet0 OUT= MAC= SRC=111.111.111.111 DST=222.222.222.222 LEN=136 TOS=0x00 PREC=0x00 TTL=47 ID=34883 DF PROTO=TCP SPT=19703 DPT=22 WINDOW=296 RES=0x00 ACK PSH URGP=0

Nothing as output for the following commands.

# journalctl --dmesg
-- No entries --
# cat  /var/log/dmesg
# cat  /var/log/messages |grep MAC

Which file contains all the info records displayed by dmesg?
Can journalctl command get all the output displayed by dmesg?
Many records as the output of dmesg command, no entries for journalctl --dmesg,why?

Add your distribution to the question and tags. – jdwolf Nov 12 '17 at 09:04 — jdwolf, Nov 12 '17 at 09:04

score 2 · Accepted Answer · answered Nov 12 '17 at 08:42

dmesg on Linux prints the output of the kernel ring buffer, not from a log file - which is why you can't find it. This might not be the case on other systems. See this question for more details.

To view the same with journalctl use the -k or --dmesg option.

$ journalctl --dmesg
-- Logs begin at Mon 2017-10-23 19:04:10 BST, end at Sun 2017-11-12 08:39:58 GMT. --
Oct 23 19:04:10 HP-Envy kernel: microcode: CPU0 microcode updated early to revision 0x62, date = 2017-04-27
Oct 23 19:04:10 HP-Envy kernel: Initializing cgroup subsys cpuset
Oct 23 19:04:10 HP-Envy kernel: Initializing cgroup subsys cpu
Oct 23 19:04:10 HP-Envy kernel: Initializing cgroup subsys cpuacct
Oct 23 19:04:10 HP-Envy kernel: Linux version 4.4.0-89-generic (buildd@lgw01-18) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4) ) #112-Ubuntu SMP Mon Jul 31 19:38:41 UTC 2017 (Ubuntu 4.4.0-89.112-generic 4.4.76)
Oct 23 19:04:10 HP-Envy kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-4.4.0-89-generic root=UUID=a090cb63-4bf2-44e2-b7e1-cb5bd98cf75b ro quiet splash
Oct 23 19:04:10 HP-Envy kernel: KERNEL supported cpus:
...

Note that while you can clear the ring buffer with sudo dmesg clear so that running dmesg yields no output, it is still stored in the journals and the above journalctl command will still work.

Many records as the output of dmesg command, no entries for journalctl --dmesg,why? — showkey, Nov 12 '17 at 09:00
Pleae edit your question to a) add details of your distro, and b) replace the screen-shot with text. A screen-shot cannot be read by search engines. — garethTheRed, Nov 12 '17 at 09:10

score 0 · Answer 2 · answered Nov 13 '17 at 01:39

0

dmesg entries are stored in /var/log/syslog
journalctl -kf should satisfy.

answered Nov 13 '17 at 01:39

Dr. Alexander

361

score 0 · Answer 3 · answered Nov 14 '17 at 12:01

0

The type of my vps is openvz ,test it on kvm, garethTheRed and Dr. Alexander 's command work.
In openvz's vps log will not written into /var/log/syslog (debian) or /var/log/messages(centos).

answered Nov 14 '17 at 12:01

showkey

323

dmesg display packet info while journalctl --dmesg show none on my centos?

3 Answers3