Log

watch the log file .. its will update in real time

tail -f logfile.log

tail -n 100 -f logfile.log

less logfile.log

head -n 20 logfile.log  # Shows first 20 lines

tail -n 50 logfile.log  # Shows last 50 lines

tail -f logfile.log | grep "ERROR"

tail -f logfile.log | grep --color=always "ERROR\|WARNING\|INFO"

grep "Failed login" logfile.log

grep -i "error" logfile.log

grep -n "exception" logfile.log

grep -c "404 Not Found" access.log

tail -f log1.log log2.log log3.log

tail -f logfile.log | while read line; do echo "$(date +%T): $line"; done

sed -n '/2025-01-01 10:00:00/,/2025-02-01 11:00:00/p' logfile.log

tail -f logfile.log | awk '{print $1, $4, $9}'  # Print columns 1, 4, and 9

cat access.log | awk '{print $1}' | sort | uniq -c | sort -nr

grep "ERROR" logfile.log | cut -d: -f4 | sort | uniq -c | sort -nr | head -10

cat access.log | grep -o 'HTTP/[0-9.]* [0-9]*' | cut -d' ' -f2 | sort | uniq -c | sort -nr

awk '{sum+=$10; count++} END {print "Average response time:", sum/count, "ms"}' access.log

gzip logfile.log.1

find /var/log -name "*.log" -type f -mtime +7 -exec gzip {} \;

mv logfile.log logfile.log.1
touch logfile.log
chmod 644 logfile.log

split -b 100M large_logfile.log segment_

journalctl -u service-name -f

goaccess access.log -c

docker logs --tail 100 -f container_name