You can filter journalctl output using various options and flags. Here are some common methods:
1. Filter by Time
To show logs from a specific time range:
journalctl --since "2023-10-01" --until "2023-10-02"2. Filter by Unit
To show logs for a specific service:
journalctl -u <service-name>For example:
journalctl -u ssh.service3. Filter by Priority
To show logs of a specific priority level (e.g., errors):
journalctl -p errYou can use levels like emerg, alert, crit, err, warning, notice, info, and debug.
4. Filter by Keywords
To search for specific keywords in the logs:
journalctl | grep "<keyword>"5. Follow Logs in Real-Time
To follow logs as they are written:
journalctl -f6. Combine Filters
You can combine filters for more specific output. For example, to show error logs for a specific service:
journalctl -u <service-name> -p errThese commands will help you effectively filter the output of journalctl based on your needs.
