less

less command in Linux to efficiently navigate and analyze large log files. The less command is a powerful tool for viewing text files in the terminal, allowing users to scroll through content, search for specific information, and view file contents page by page.

Imagine you are a system administrator tasked with investigating a series of server errors. You have access to a large log file containing information about system events, but the file is too big to open in a regular text editor. This is where the less command becomes invaluable.

Open file

less file_name

Use the following keys to navigate:

Press Space or Page Down to move forward one page
Press b or Page Up to move backward one page
Use the Up and Down arrow keys to move line by line
Press G (Shift + g) to go to the end of the file
Press g to go to the beginning of the file
  • To search for the word “ERROR”, type /ERROR and press Enter. This will highlight all occurrences of “ERROR” in the file.
  • Press n to move to the next occurrence of “ERROR”, or N to move to the previous occurrence.
  • Now, let’s search for a specific date. First, navigate to the beginning of the file by pressing g, then look at the dates in the log entries. Choose a date that appears in the file (for example, if you see “2025-01-15” in the file, search for that date). Type / followed by the date you want to search for (e.g., /2025-01-15) and press Enter.
  • Use n and N to navigate between occurrences of this date.

Open the log file with line numbers displayed:

less -N file_name

Starting from a specific pattern

Let’s say you want to start viewing the file from the first occurrence of a database error. Use this command:

less +/ERORR:.Database file_name

This command tells less to open the file and immediately jump to the first line containing “ERROR:” followed by any character and then “Database”.

Other useful less parameters not covered in this tutorial include:

  • -i: Ignore case in searches
  • -F: Quit if the entire file can be displayed on one screen
  • -S: Chop long lines instead of wrapping them
  • +F: Keep reading the file, displaying new contents as they appear (similar to tail -f)