Heads or Tails?

Although less can be powerful, sometimes it – and even more or cat – can be imprecise or overkill for what you want. In many circumstances, you might want to turn to head or tail instead.

As the name implies, head looks at the first 10 lines of a file by default. Probably its greatest use is to let you identify a file quickly. For instance, if you were logged in as the root user and unsure what information /var/log/scrollkeeper.log contained, head might be just enough for you to find that answer.

In contrast, tail looks at the last 10 lines of a file and often writes them to the command line. This glimpse is useful because system log files generally write the latest information at the bottom of the file, and it is ideal for ongoing monitoring for troubleshooting. All you need to do is open a terminal on an unused virtual desktop and continue your work on another, glancing occasionally at the output from tail to see what is happening.

If 10 lines are not enough, use -<number> to change the number of lines displayed in either head or tail. If you want to see the file header, which can contain such information as the name of the file or information that identifies its format, then use the -v (verbose) option (Figure 5). Alternatively, you can suppress the head with -q (quiet).

Figure 5: Both the head and the tail command have verbose (shown) and quiet modes.

Additionally, tail has several commands to help you to manipulate troubleshooting information. If you add -f, information will be added to the output as it becomes available. Should the monitored file be inaccessible or become so, you can use --retry to ensure that you keep monitoring it (or, conversely, to ensure that the reason you haven't received new data isn't that something has happened to the file). To control how often the file is scanned and reduce the amount of system resources used by tail, add -s<SECONDS>.

Still another useful feature is --pid<PID>, which stops tail from running if the system process with the specified ID stops running. Most likely, you will need to run the top or ps commands as the root user to find the PID of the process you want to monitor.

A Basic Beginning

These options are not the only ones you can use with the viewing commands. In particular, less has dozens more, some of which you are unlikely to use unless you have advanced skills in system administration and troubleshooting. Still, the ones mentioned here should help you use the commands efficiently without getting bogged down in too much memorization. Take a look at the man page for the command of your choice. The view commands are not complicated – even if the way options are described in their man pages sometimes are.