comp_err - Linux

Overview

comp_err is a command-line utility designed to compare two or more syslog files and identify discrepancies. It helps in troubleshooting errors and system issues by checking for differences in log entries across multiple machines or time periods.

Syntax

comp_err [options] <file1> [<file2> ...]

Options/Flags

• -a, –all: Compare both errors and non-errors.
• -e, –errors: Only compare error messages.
• -s, –silent: Suppress output unless differences are found.
• -v, –verbose: Increase output verbosity.
• -t, –timestamp: Include timestamps in the output.
• -f, –format: Specify the output format (text, xml, json). Default: text.

Examples

Compare two error logs:

comp_err -e error.log1 error.log2

Compare all logs within a directory:

comp_err -a /var/log/*.log

Output in JSON format:

comp_err -f json error.log1 error.log2

Common Issues

• File not found: Ensure that all specified log files exist and are accessible.
• Incorrect format: Verify that the log files are in the correct format (usually syslog).
• No differences: If no differences are reported, the logs are identical.

Integration

Combine with grep:

comp_err error.log1 error.log2 | grep "CRITICAL"

Use in a script:

#!/bin/bash

logs=(/var/log/*.log)
for log in "${logs[@]}"; do
  comp_err -e $log
done

Related Commands

• grep: Search for specific patterns in text.
• diff: Compare two files line by line.
• syslog: Logging system for Linux.