System Log

From The iPhone Wiki
Revision as of 19:18, 9 June 2014 by Britta (talk | contribs) (intro and user-friendly link)
Jump to: navigation, search

iOS devices have a system log (syslog) like other UNIX-derived operating systems do. See Syslog on Wikipedia for background.

If you're a developer who needs simple instructions to give to a user about how to send a syslog to you, you can give them "A developer asked for my device's syslog. How do I send it?" in the JailbreakQA FAQ.

Reading syslog

On-device

As iOS is Unix based, it comes as no surprise that its syslog can be read using the same tools desktop Unix and Linux power users use; provided the tools are compiled for ARM. The most common tool is socat(1)[man]. If you don't have it yet, just run an apt-get on the package socat. In order to use it, just connect to the syslog socket with the following command:

socat - UNIX-CONNECT:/var/run/lockdown/syslog.sock

This gives an interactive shell with the syslog daemon (no need to enable file output). If you execute the watch command, a backlog of messages will be printed and new messages will be printed as they arrive.

On OS X through lockdownd

A binary (and its source code) to view ASL messages from Mac using the MobileDevice.framework has been made available on http://newosxbook.com/index.php?page=downloads. Ryan Petrich's deviceconsole also provides the same functionality with useful color-coding.

On Windows through lockdownd

Apple's iPhone Configuration Utility can display the syslog on Windows.

bgm's trick for enabling system log

This method will constantly write syslog output to a file. This is not recommended as it is slower, and can become fairly large. Install "syslogd to /var/log/syslog" from saurik's repo and reboot your device. /var/log/syslog will now be appended to automatically, and you can watch it like so:

tail -f /var/log/syslog

(The "tail" command is in the package "Core Utilities" (coreutils) in the Cydia/Telesphoreo repository.) If you keep your device full of data, be careful you don't fill the disk. Unix systems tend to break when they can't write to the syslog. Keep an eye on it or employ some log rotation.

To disable syslog writing, run:

rm /var/log/syslog;
mknod /var/log/syslog c 3 2

This will delete (rm) the file and create a /dev/null. (mknod *** c 3 2)

To re-enable syslog writing, run:

rm /var/log/syslog
touch /var/log/syslog

This will delete (rm) the file and and make a blank regular file. (touch)

SBSettings Toggle

An SBSettings toggle for enabling/disabling the syslog in this way is available at BigBoss' Cydia repository. Ensure "syslogd to /var/log/syslog" is installed - the toggle package hasn't marked it as a dependency.

On OS X or Windows through cinject

  1. Plug your device into your computer.
  2. Download cinject from this Dev Team blog post (for OS X and Windows).
  3. Unzip the file.
  4. Open up a terminal on your computer (if you use OS X, you can use the Terminal application in the /Applications/Utilities/ folder.)
  5. Assuming you're using OS X and have downloads configured to use the default Downloads folder, run this command (copy and paste it and then hit the return key): cd ~/Downloads/cinject-0.5.4 and then run ./cinject -w
  6. That should display the running syslog from your device.

Reference