How to deal with dmesg timestamps

 

By default, the dmesg command prints the kernel ring buffer with a timestamp for each logged message. It is easy to change this behavior and display the date and time in human-readable form using just one additional parameter. Still, that parameter is sometimes not supported, so I will briefly touch upon this topic.

$ dmesg
[...]
[    1.028871] Linux agpgart interface v0.103
[    1.028940] agpgart-intel 0000:00:00.0: Intel Sandybridge Chipset
[    1.028999] agpgart-intel 0000:00:00.0: detected gtt size: 2097152K total, 262144K mappable
[    1.029857] agpgart-intel 0000:00:00.0: detected 65536K stolen memory
[...]

How to convert timestamps to human-readable form?

The easiest way is to use the -T or --ctime parameter.

$ dmesg -T
[...]
[Sat Oct 19 12:43:26 2013] Linux agpgart interface v0.103
[Sat Oct 19 12:43:26 2013] agpgart-intel 0000:00:00.0: Intel Sandybridge Chipset
[Sat Oct 19 12:43:26 2013] agpgart-intel 0000:00:00.0: detected gtt size: 2097152K total, 262144K mappable
[Sat Oct 19 12:43:26 2013] agpgart-intel 0000:00:00.0: detected 65536K stolen memory
[...]

What if the above-mentioned parameters are not supported?

Sometimes you will encounter a Linux distribution in which this conversion is not supported, but it can be easily implemented using the following shell script.

#!/bin/bash
# Translate dmesg timestamps to human readable format

# desired date format
date_format="%a %b %d %T %Y"

# uptime in seconds
uptime=$(cut -d " " -f 1 /proc/uptime)

# run only if timestamps are enabled
if [ "Y" = "$(cat /sys/module/printk/parameters/time)" ]; then
  # read -r keeps backslashes in kernel messages intact
  dmesg | sed "s/^\[[ ]*\?\([0-9.]*\)\] \(.*\)/\\1 \\2/" | while read -r timestamp message; do
    printf "[%s] %s\n" "$(date --date "now - $uptime seconds + $timestamp seconds" +"${date_format}")" "$message"
  done
else
  echo "Timestamps are disabled (/sys/module/printk/parameters/time)"
fi

What if timestamps are missing?

In rare cases, you will find that timestamps are missing from the dmesg output.

$ dmesg
[...]
Bluetooth: RFCOMM TTY layer initialized
Bluetooth: RFCOMM socket layer initialized
Bluetooth: RFCOMM ver 1.11
[...]

Read the /sys/module/printk/parameters/time file to confirm that timestamps are disabled.

$ cat /sys/module/printk/parameters/time
N

Write Y to the above-mentioned file to enable logging timestamps.

$ echo Y | sudo tee /sys/module/printk/parameters/time

This change is not permanent; it lasts only until reboot. To make it permanent, add the printk.time=1 parameter to the GRUB options.

Log a test message and check the dmesg output to verify the change.

$ echo "Enabled timestamps" | sudo tee /dev/kmsg
$ dmesg
[...]
Bluetooth: RFCOMM TTY layer initialized
Bluetooth: RFCOMM socket layer initialized
Bluetooth: RFCOMM ver 1.11
[...]
[271309.434405] Enabled timestamps
[...]
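
The output above mixes lines with and without timestamps, which the conversion script shown earlier does not expect. The following is an added example, not part of the original post: it converts a saved dmesg capture and flags lines that carry no timestamp. The convert_dmesg function name, the boot time argument and the sample input are assumptions made for illustration, and GNU date is required.

```sh
#!/bin/sh
# Added example, not from the original post. Assumes GNU date (date -d @N).
# convert_dmesg BOOT_EPOCH: read dmesg text on stdin, print it with UTC times.
# BOOT_EPOCH is the Unix time of boot, e.g. noted when the log was captured
# as $(date +%s) minus the first field of /proc/uptime.
convert_dmesg() {
  boot_epoch=$1
  while IFS= read -r line; do
    ts=${line#"["}            # drop the leading "["
    ts=${ts%%"]"*}            # keep what precedes the first "]"
    ts=${ts#"${ts%%[! ]*}"}   # strip the kernel's space padding
    is_ts=0
    case $line in
      "["*"] "*)
        # Accept only SECONDS.MICROSECONDS, so "[drm] ..." is not a timestamp.
        case $ts in
          *[!0-9.]*|*.*.*|.*|*.) ;;
          *.*) is_ts=1 ;;
        esac ;;
    esac
    if [ "$is_ts" -eq 1 ]; then
      secs=${ts%%.*}
      frac=${ts#*.}
      msg=${line#*"] "}
      stamp=$(date -u -d "@$((boot_epoch + secs))" +'%Y-%m-%d %H:%M:%S')
      printf '[%s.%s UTC] %s\n' "$stamp" "$frac" "$msg"
    else
      # Logged while printk.time was N: nothing to convert, so flag the line.
      printf '[no timestamp] %s\n' "$line"
    fi
  done
}

# Constructed sample input and boot time (2013-10-19 12:43:25 UTC).
convert_dmesg 1382186605 <<'EOF'
Bluetooth: RFCOMM ver 1.11
[drm] Initialized
[    1.028871] Linux agpgart interface v0.103
[271309.434405] Enabled timestamps
EOF
```

Times derived from boot time plus the kernel timestamp can be inaccurate after a suspend/resume cycle, so check them against another time source before relying on them in a timeline.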
