System Log

From The iPhone Wiki
Revision as of 20:24, 10 February 2014 by Britta (talk | contribs) (more detail)
Jump to: navigation, search

Reading syslog

On-device

As iOS is Unix based, it comes as no surprise that its syslog can be read using the same tools desktop Unix and Linux power users use; provided the tools are compiled for ARM. The most common tool is socat(1)[man]. If you don't have it yet, just run an apt-get on the package socat. In order to use it, just connect to the syslog socket with the following command:

socat - UNIX-CONNECT:/var/run/lockdown/syslog.sock

This gives an interactive shell with the syslog daemon (no need to enable file output). If you execute the watch command, a backlog of messages will be printed and new messages will be printed as they arrive.

On OS X through lockdownd

A binary (and its source code) to view ASL messages from Mac using the MobileDevice.framework has been made available on http://newosxbook.com/index.php?page=downloads. Ryan Petrich's deviceconsole also provides the same functionality with useful color-coding.

On Windows through lockdownd

Apple's iPhone Configuration Utility can display the syslog on Windows.

bgm's trick for enabling system log

This method will constantly write syslog output to a file. This is not recommended as it is slower, and can become fairly large. Install "syslog to /var/log/syslog" from saurik's repo and reboot your device. /var/log/syslog will now be appended to automatically, and you can watch it like so:

tail -f /var/log/syslog

(The "tail" command is in the package "Core Utilities" (coreutils) in the Cydia/Telesphoreo repository.) If you keep your device full of data, be careful you don't fill the disk. Unix systems tend to break when they can't write to the syslog. Keep an eye on it or employ some log rotation.

To disable syslog writing, run:

rm /var/log/syslog;
mknod /var/log/syslog c 3 2

This will delete (rm) the file and create a /dev/null. (mknod *** c 3 2)

To re-enable syslog writing, run:

rm /var/log/syslog
touch /var/log/syslog

This will delete (rm) the file and and make a blank regular file. (touch)

SBSettings Toggle

An SBSettings toggle for enabling/disabling the syslog in this way is available at BigBoss' Cydia repository. Ensure "syslog to /var/log/syslog" is installed - the toggle package hasn't marked it as a dependency.

Reference