System Log

From The iPhone Wiki
Revision as of 17:44, 26 August 2015 by IAdam1n (talk | contribs) (This should not be in the filesystem category as it has nothing to do with it.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

iOS devices have a system log (syslog) like other UNIX-derived operating systems do. See Syslog on Wikipedia for background. This can be helpful as a debugging tool for developers.

If you're a developer who needs simple instructions to give to a user about how to send a syslog to you, you can give them a link to the Detailed instructions for non-developers below.

Reading syslog

On-device with socat

As iOS is Unix based, it comes as no surprise that its syslog can be read using the same tools desktop Unix and Linux power users use; provided the tools are compiled for ARM. The most common tool is socat(1)[man]. If you don't have it yet, run an apt-get on the package socat (or install the package SOcket CAT via Cydia). In order to use it, connect to the syslog socket with the following command:

socat - UNIX-CONNECT:/var/run/lockdown/syslog.sock

This gives an interactive shell with the syslog daemon (no need to enable file output). If you execute the watch command, a backlog of messages will be printed and new messages will be printed as they arrive.

On-device with ondeviceconsole

Evan Swick's ondeviceconsole tool can be used in place of the method mentioned above. It functions similar to Ryan Petrich's deviceconsole tool, but runs directly on the device, without the need of a computer. It connects directly to the syslog socket, and displays log entries in real-time, with syntax highlighting. A precompiled version is available in the BigBoss repository.

On-device with saving to a file

To constantly write syslog output to a file on the device (which can be slower, and the file can become fairly larg e, but can be convenient): install syslogd to /var/log/syslog from saurik's repo and reboot your device.

If you don't want to reboot, you can restart the syslogd instead:

launchctl unload /System/Library/LaunchDaemons/com.apple.syslogd.plist
launchctl load /System/Library/LaunchDaemons/com.apple.syslogd.plist

/var/log/syslog will now be appended to automatically, and you can watch it like so:

tail -f /var/log/syslog

(The "tail" command is in the package "Core Utilities" (coreutils) in the Cydia/Telesphoreo repository.) If you keep your device full of data, be careful you don't fill the disk. Unix systems tend to break when they can't write to the syslog. Keep an eye on it or employ some log rotation.

To disable syslog writing, uninstall the syslogd to /var/log/syslog package. You may want to delete the file at /var/log/syslog if you no longer need it.

Or if you want to disable syslog writing without uninstalling the package, you can run:

rm /var/log/syslog;
mknod /var/log/syslog c 3 2

This will delete (rm) the file and create a /dev/null. (mknod *** c 3 2)

To re-enable syslog writing, run:

rm /var/log/syslog
touch /var/log/syslog

This will delete (rm) the file and and make a blank regular file (touch).

On iOS 6 and below, it may be useful to install the SBSettings syslog toggle for enabling/disabling the syslog in this way, available at BigBoss' Cydia repository. Ensure "syslogd to /var/log/syslog" is installed - the toggle package hasn't marked it as a dependency.

On OS X through lockdownd

A binary (and its source code) to view ASL messages from Mac using the MobileDevice.framework has been made available on http://newosxbook.com/index.php?page=downloads. Ryan Petrich's deviceconsole also provides the same functionality with useful color-coding.

On Windows through lockdownd

Apple's iPhone Configuration Utility can display the syslog on Windows.

On OS X or Windows through cinject

  1. Plug your device into your computer.
  2. Download cinject from this Dev Team blog post (for OS X and Windows).
  3. Unzip the file.
  4. Open up a terminal on your computer (if you use OS X, you can use the Terminal application in the /Applications/Utilities/ folder.)
  5. Assuming you're using OS X and have downloads configured to use the default Downloads folder, run this command (copy and paste it and then hit the return key): cd ~/Downloads/cinject-0.5.4 and then run ./cinject -w
  6. That should display the running syslog from your device.

On-device with saving to a file via a Python script

I made this little naive python script for my own usage. It saves the syslog in /var/log/syslog file. You need to install python with apt-get install python to use it. Name it syslog or whatever and start it with ./syslog &

#!/usr/bin/python

# Created by Xvolks 11/09/2014

import sys
import socket

server_address = '/var/run/lockdown/syslog.sock'

# Create a UDS socket
sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)

try:
    sock.connect(server_address)
except socket.error, msg:
    print >>sys.stderr, msg
    sys.exit(1)

try:

    # Send data
    data = sock.recv(64)
    print data
    sock.sendall('watch\n')
    f = open('/var/log/syslog', 'a')
    while 1:
        data = sock.recv(256)
        if (data):
           f.write("".join(data.split('\x00')))
        else:
           sleep(1)

finally:
    f.close()
    print >>sys.stderr, 'closing socket'
    sock.close()

Detailed instructions for non-developers

A syslog is a record of errors and other technical information that can be useful to developers. It usually doesn't include personal information other than your device's name and the names of apps and packages you have running. Here are a couple of ways to send this to a developer who has asked you for it.

Option A: from your device

  1. Open Cydia and install this package: syslogd > /var/log/syslog
  2. Reboot your device.
  3. Go into the filesystem. You have several options for doing this. You can use iFile (a Cydia app that runs on your device); or install OpenSSH from Cydia and then use Terminal or a graphical desktop SFTP application like Cyberduck (Mac) or WinSCP (Windows); or use a desktop application like iExplorer.
  4. Using your chosen tool, navigate to /var/log/syslog and email it to the developer who asked for it. (For example: in iFile, go to /var/log/, tap "Edit" in the top right corner, tap the white bubble to the left of the syslog file, tap the envelope at the bottom of the screen, and send the email to the developer.)

Optional: If you want to be able to run the command-line program "tail" to watch the syslog, you may need to install the package "Core Utilities" (coreutils).

After completing this task: if you don't need syslog anymore, you can uninstall syslogd > /var/log/syslog (and it might be a good idea to uninstall it if you don't have much disk space available, since syslog files can grow to be large files).

Option B: from your desktop computer

  1. Plug your device into your computer.
  2. Download cinject from this Dev Team blog post (for OS X and Windows).
  3. Unzip the file.
  4. Open up a terminal on your computer (if you use OS X, you can use the Terminal application in the /Applications/Utilities/ folder.)
  5. Assuming you're using OS X and have downloads configured to use the default Downloads folder, run this command (copy and paste it and then hit the return key): cd ~/Downloads/cinject-0.5.4 and then run ./cinject -w
  6. That should display the running syslog from your device. You can copy the results and paste them into an email to the developer who asked for the syslog.

References