
Master Log Analysis: Fast Techniques to Pinpoint Errors in Massive Log Files

This guide presents practical Linux commands and step‑by‑step methods—such as tail, head, grep, sed, and pagination tools—to quickly locate errors, filter by time range, count occurrences, and navigate large log files efficiently for system administrators.

Liangxu Linux

Dynamic Log Viewing

Use tail -f catalina.out to follow a log file in real time, or cat catalina.out to display its entire content. Redirect output to a new file for focused inspection, e.g., cat -n catalina.out | grep 717892466 > nanjiangtest.txt.

Tail/Head Simple Commands

tail -n number catalina.out – show the last number lines.
tail -n +number catalina.out – display all lines starting from line number.
head -n number catalina.out – show the first number lines.
head -n -number catalina.out – display all lines except the last number lines.

Method 1: Find Line Numbers by Keyword

Obtain the line number of a specific entry, then view surrounding lines:

# cat -n catalina.out | grep "keyword"
# cat -n catalina.out | tail -n +13230539 | head -n 10

Here tail -n +13230539 starts from line 13,230,539, and head -n 10 limits the output to ten lines.

Method 2: Search Within a Time Range

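First use grep to verify that both timestamps exist in the log, then extract the range with sed. If the first pattern never matches, sed prints nothing; if the second never matches, it prints through to the end of the file. The final variant drops the seconds so that any line in those minutes can serve as a boundary: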

# grep '11:07 18:29:20' catalina.out
# grep '11:07 18:31:11' catalina.out
# sed -n '/11:07 18:29:20/,/11:07 18:31:11/p' catalina.out
# sed -n '/11:07 18:29:/,/11:07 18:31:/p' catalina.out
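
The sed range depends on both boundary patterns occurring literally in the file. As an added example (not part of the original article), the helper below selects lines by comparing timestamps as strings, so the boundaries need not appear in the log, and it keeps untimestamped continuation lines such as stack traces with the entry they follow. The names log_range and sample_log, the sample lines, and the assumption that timestamps in this format sort correctly as plain strings are illustrative.

```shell
#!/bin/sh
# log_range START END [FILE...]
# Print every line whose timestamp falls within START..END (inclusive).
# Assumption: timestamps look like "11:07 18:29:20" (as in the grep/sed
# commands above) and sort correctly as plain strings within one log file.
log_range() {
    start=$1 end=$2
    shift 2
    awk -v s="$start" -v e="$end" '
        # A line that carries a timestamp decides whether we are in range.
        match($0, /[0-9][0-9]:[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]/) {
            ts = substr($0, RSTART, RLENGTH)
            keep = (ts >= s && ts <= e)
        }
        # Lines without a timestamp (stack traces) follow the preceding entry.
        keep
    ' "$@"
}

# Constructed sample log, not real catalina.out output.
sample_log() {
    cat <<'EOF'
11:07 18:28:59 INFO  request 1001 started
11:07 18:29:21 ERROR request 1002 failed
java.lang.IllegalStateException: constructed example
    at com.example.Handler.run(Handler.java:42)
11:07 18:30:05 INFO  Takes:1 ms
11:07 18:31:40 WARN  slow response
11:07 18:32:00 INFO  request 1003 started
EOF
}

# Neither boundary second appears in the sample, so the sed range from
# Method 2 would print nothing here; the string comparison still works.
sample_log | log_range '11:07 18:29:20' '11:07 18:31:11'
```

With no FILE argument the function reads standard input; otherwise pass the log path, e.g. log_range '11:07 18:29:20' '11:07 18:31:11' catalina.out.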

Method 3: Count Occurrences of a Specific String

# grep '1175109632' catalina.out | wc -l

The command returns the number of matching lines (e.g., 154).

Method 4: Search the Last N Lines for a Keyword

# tail -n 20 catalina.out | grep 'INFO Takes:1'

This extracts lines containing the phrase INFO Takes:1 from the last 20 lines of the file.

Method 5: Highlight Matches in the Last N Lines

# tail -n 20 catalina.out | grep 'INFO Takes:1' --color

The --color flag highlights the matching text.

Method 6: Highlight with Context Lines

# tail -n 20 catalina.out | grep 'INFO Takes:1' --color -A2

The -A2 option prints two lines of context after each match.

Method 7: Paginated Viewing

Pipe the filtered output to more or less for page‑wise navigation:

# tail -n 2000 catalina.out | grep 'INFO Takes:1' --color -A2 | more
# tail -n 2000 catalina.out | grep 'INFO Takes:1' --color -A2 | less

Navigation Shortcuts (for less)

Full‑screen navigation: Ctrl+F (forward one screen), Ctrl+B (back one screen), Ctrl+D (forward half screen), Ctrl+U (back half screen).

Line navigation: j (down one line), k (up one line).

Other shortcuts: G (go to end), g (go to start), q or ZZ (quit).

Written by

Liangxu Linux
