Skip to content

Logs

Tools for reading systemd journal logs and log files.

Remote execution

All tools on this page accept an optional host parameter (string) to execute the command on a remote machine via SSH instead of locally. See SSH Configuration for details.

get_journal_logs

Get systemd journal logs.

Parameters:

  • unit (string, default: ""): Filter by systemd unit name or pattern
  • priority (string, default: ""): Filter by syslog priority level (0-7), name, or range
  • since (string, default: ""): Filter entries since specified time (absolute or relative)
  • transport ("audit", "driver", "journal", "kernel", "stdout", "syslog", default: none): Filter by journal transport (e.g., 'audit' for audit logs, 'kernel' for kernel messages, 'syslog' for syslog messages)
  • lines (integer, default: 100): Number of log lines to retrieve. Default: 100 [min: 1, max: 10000]

Returns:

  • entries (array of string)
  • unit (string | string or null)
  • path (string | string or null)
  • lines_count (integer)

read_log_file

Read a specific log file.

Parameters:

  • log_path (string, required): Absolute path to the log file (must be in allowed list)
  • lines (integer, default: 100): Number of lines to retrieve from the end. [min: 1, max: 10000]

Returns:

  • entries (array of string)
  • unit (string | string or null)
  • path (string | string or null)
  • lines_count (integer)