Skip to content

Navigating the Depths of Android Logcat

Views the buffer that contains radio/telephony related messages.

adb logcat -b radio

Views the interpreted binary system event buffer messages.

adb logcat -b events

Views the main log buffer (default), which doesn't contain system and crash log messages.

adb logcat -b main

Views the system log buffer (default).

adb logcat -b system

Views the crash log buffer (default).

adb logcat -b crash

View all buffers at same time

adb logcat -b all

View radio and system only

adb logcat -b radio -b system

Print stats

adb logcat -S

Display the priority/tag only

adb logcat -v tag

Display priority/tag and PID

adb logcat -v brief

Display PID only

adb logcat -v process

Display the raw log message

adb logcat -v raw

Display priority, PID, and TID

adb logcat -v thread

Display date, invocation time, priority, tag, PID, and TID

adb logcat -v threadtime

Display date, invocation time, priority/tag, and PID

adb logcat -v time

Clear (flush) the entire log and exit

adb logcat -c

Dump the log and then exit

adb logcat -d

Print a certain number of lines and exit

adb logcat -m 100

Filter to only show Verbose level

adb logcat *:V

Filter to only show Debug level

adb logcat *:D

Filter to only show Info level

adb logcat *:I

Filter to only show Warning level

adb logcat *:W

Filter to only show Error level

adb logcat *:E

Filter to only show Fatal level

adb logcat *:F

Silent mode

adb logcat *:S

Radio - View the buffer that contains radio/telephony related messages

adb logcat -b radio

Event - View the buffer containing events-related messages

adb logcat -b events

Main - Default buffer

adb logcat -b main

Dump logs from prior to the last reboot from pstore

adb logcat -L

Advanced Logcat Commands

All commands/scripts in this section is done by Patrik Gissleholm`

Highlight Specific String in adb logcat Output Using Custom Colors

adb logcat | awk '{
    gsub("telia", "\033[1;31m\033[47mT\033[32m\033[33me\033[34ml\033[1;36mi\033[1;35ma\033[0m")
    print
}'

HIglight specifik strings in adb logcat Output Using Custom Colors

adb logcat | awk '{
    gsub("telia", "\033[1;31m\033[47mT\033[32m\033[33me\033[34ml\033[1;36mi\033[1;35ma\033[0m")
    gsub("wifi", "\033[1;33m\033[47mW\033[32m\033[33mi\033[34mf\033[1;36mi\033[1;35ma\033[0m")
    print
}'

Logcat application by pid

adb shell su -c logcat --pid=$(adb shell su -c ps -A|grep -i com.sec.android.app.parser|awk '{print $2}')

Filter logs by specific tag name

adb logcat -s "tagname"

Filter multiple tags

adb logcat ActivityManager:I MyApp:D *:S

Redirect output to a file

adb logcat > myfile.txt

Use grep for filtering

adb logcat | grep "tagname"

Rotate Logs

adb logcat -f /sdcard/myapp.log -r 5000 -n 10

Print colored output

adb logcat -C

Regex filter

adb logcat | grep -E '^(?=.*Exception)(?=.*Activity)'

Printing Log Entries Related to Lock Settings

adb logcat| grep "LockSettingsService\|LockPatternUtilsKeyStorage\|vold\|vold\|keystore2\|keymaster_tee\|LockSettingsService\|vold_prepare_subdirs"

Hilight Matched Lines by Red Backgrond

adb logcat | awk '
{
    line = tolower($0)
    if (line ~ /key/) {
        printf "\033[41m%s\033[0m\n", $0
    } else {
        print
    }
}
'

Create SubSettings Commands

adb logcat | grep -i "SecTileUtils: Found" | awk '{
    match($0, /Found ([^ ]+) for intent/, arr)
    if (arr[1]) {
        gsub(/\$/, "\\$", arr[1])  # Escape dollar signs
        sub(/com.android.settings/, "com.android.settings/", arr[1])  
        printf "adb shell am start -n '\''%s'\''\n", arr[1] 
    }
}'

Create adb shell commands for received broadcasts

adb logcat | awk '
/Received BROADCAST.*SCREEN_ON/ {
    match($0, /pkg=[^ ]+/, pkgArr)
    match($0, /act=[^ ]+/, actArr)
    match($0, /cmp=[^ ]+/, cmpArr)
    if (pkgArr[0] && actArr[0] && cmpArr[0]) {
        pkg = substr(pkgArr[0], 5)
        act = substr(actArr[0], 5)
        cmp = substr(cmpArr[0], 5)
        printf "adb shell am broadcast -a \033[1;33m'%s'\033[0m -n \033[1;36m'%s'\033[0m\n", act, cmp
    }
}'

Custom Timestamp Format for adb logcat

adb logcat -v brief | while read -r line; do
    echo "$(date +"[%Y-%m-%d|%H:%M:%S]")-$line"
done

Colorize specifik tags and field 5

 adb logcat | awk '/(SyntheticPasswordManager|SyntheticPasswordCrypto|ResumeOnRebootServiceProvider|RebootEscrowProviderServerBased|RebootEscrowProviderHal|RebootEscrowManager|     RebootEscrowKeyStoreManager|PasswordSlotManager|ManagedProfilePasswordCache|LockSettings|LockSettingsDB|LockSettingsStorage|LockSettingsService|BiometricDeferredQueue)/ {
     if ($5 == "V")
         $5 = "\033[36m" $5 "\033[0m"
     else if ($5 == "D")
         $5 = "\033[34m" $5 "\033[0m"
     else if ($5 == "I")
         $5 = "\033[32m" $5 "\033[0m"
     else if ($5 == "W")
         $5 = "\033[33m" $5 "\033[0m"
     else if ($5 == "E")
         $5 = "\033[31m" $5 "\033[0m"
     else if ($5 == "F")
         $5 = "\033[31;1m" $5 "\033[0m"
     else if ($5 == "S")
         $5 = "\033[35m" $5 "\033[0m"

     if ($6 == "DEBUG")
         $6 = "\033[32m" $6 "\033[0m"
     else if ($6 == "INFO")
         $6 = "\033[35m" $6 "\033[0m"
     else if ($6 == "WARN")
         $6 = "\033[33m" $6 "\033[0m"
     else if ($6 == "ERROR")
         $6 = "\033[31m" $6 "\033[0m"

     print
 }'

This command colors all the activities in red

adb logcat | awk '{
    gsub("act=[^[:space:]]+", "\033[31m&\033[0m")
    print
}'

Colrorize tags + verbose same color entire line (different for each)

adb logcat -s 'SyntheticPasswordManager' 'SyntheticPasswordCrypto' 'ResumeOnRebootServiceProvider' 'RebootEscrowProviderServerBased' 'RebootEscrowProviderHal' 'RebootEscrowManager' 'RebootEscrowKeyStoreManager' 'PasswordSlotManager' 'ManagedProfilePasswordCache' 'LockSettings' 'LockSettingsDB' 'LockSettingsStorage' 'LockSettingsService' 'BiometricDeferredQueue' | awk '{if (($5 in seen) || ($6 in seen)) printf "\033[1;31m%s\033[0m\n", $0; else seen[$5]; seen[$6]}'

Colorize Variable

adb logcat | awk -F= '{
    printf "%s\033[31m%s\033[0m%s\n", $1, "=", $2
}'

Colrorize tags + verbose same color column 5 and 6

adb logcat -s 'SyntheticPasswordManager' 'SyntheticPasswordCrypto' 'ResumeOnRebootServiceProvider' 'RebootEscrowProviderServerBased' 'RebootEscrowProviderHal' 'RebootEscrowManager'    'RebootEscrowKeyStoreManager' 'PasswordSlotManager' 'ManagedProfilePasswordCache' 'LockSettings' 'LockSettingsDB' 'LockSettingsStorage' 'LockSettingsService' 'BiometricDeferredQueue' | awk '{for(    i=1; i<=NF; i++) {if ((i==5 || i==6) && ($i in seen)) $i="\033[1;31m"$i"\033[0m"; else if (i==5 || i==6) seen[$i]++;} print}'

Mixing logcat and color

adb logcat -v brief -v color  'AppOps' 'SyntheticPasswordManager' 'SyntheticPasswordCrypto' 'ResumeOnRebootServiceProvider' 'RebootEscrowProviderServerBased' 'RebootEscrowProviderHal'     'RebootEscrowManager' 'RebootEscrowKeyStoreManager' 'PasswordSlotManager' 'ManagedProfilePasswordCache' 'LockSettings' 'LockSettingsDB' 'LockSettingsStorage' 'LockSettingsService'     'BiometricDeferredQueue' | awk '{for(i=1; i<=NF; i++) {if (i==5 && ($i in seen)) $i="\033[1;31m"$i"\033[0m"; else if (i==5) seen[$i]++;} print}'

Colorize Only Info Levels (Field 5)

adb logcat | awk '{
    if ($5 == "V")
        $5 = "\033[36m" $5 "\033[0m"
    else if ($5 == "D")
        $5 = "\033[34m" $5 "\033[0m"
    else if ($5 == "I")
        $5 = "\033[32m" $5 "\033[0m"
    else if ($5 == "W")
        $5 = "\033[33m" $5 "\033[0m"
    else if ($5 == "E")
        $5 = "\033[31m" $5 "\033[0m"
    else if ($5 == "F")
        $5 = "\033[31;1m" $5 "\033[0m"
    else if ($5 == "S")
        $5 = "\033[35m" $5 "\033[0m"
    print
}'

Colorize Every Column

adb logcat -v brief | awk '{
    gsub(/^D/, "\033[34m&\033[0m", $1)                  ### Colorize "D" column in blue
    gsub(/SemNscXgbMsL1/, "\033[33m&\033[0m", $2)       ### Colorize "SemNscXgbMsL1" column in yellow
    gsub(/^.*: /, "\033[31m&\033[0m", $0)               ### Colorize message column in red
    print
}'

Colorize Output to Rainbow

adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 6) + 31                    ### Generate random color code from 31 to 36
        printf "\033[%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'

Colorize output to Rainbow colors

adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 216) + 16                  ### Generate random color code from 16 to 231
        printf "\033[38;5;%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'

Generate activity commands for adb

adb logcat | awk -F'[ ={}]+|\\.' '/WindowManager:   taskInfo=TaskInfo/ {
        match($0, /cmp=[^ ]+/);
        cmp=substr($0, RSTART+4, RLENGTH-4);
        print "adb shell am start -n", cmp
    }'

Start logcat in the background and redirect output to a pipe for callback services

adb logcat | awk -F'[ =]' '/act=[^ ]+/ && /cmp=[^ ]+Service[^ ]*/ {
    for (i = 1; i <= NF; i++) {
        if ($i == "act") {
            act = $(i + 1)
        }
        if ($i == "cmp") {
            cmp = $(i + 1)
        }
    }
    printf "adb shell am startservice -a \033[1;34m'\''%s'\''\033[0m -n \033[1;32m'\''%s'\''\033[0m\n", act, cmp
}'

Monitor WindowManager and create am start commands

adb logcat | awk -F'[ ={}]+|\\.' '/WindowManager:   taskInfo=TaskInfo/ {
    match($0, /cmp=[^ ]+/);
    cmp=substr($0, RSTART+4, RLENGTH-4);
    printf "%s%s%s\n", "\033[36madb shell am start -n ", cmp, "\033[0m"
} END {
    printf "%s%s%s\n", "\033[36madb shell am start -n ", cmp, "\033[0m"
}'

Find Activities for Currently Running Applications (follow activities)

 adb logcat | awk '
 /act=android.intent.action.MAIN/ && /cmp=/ {
    match($0, /act=[^ ]+/);
    act=substr($0, RSTART+4, RLENGTH-4);
    match($0, /cmp=[^ ]+/);
    cmp=substr($0, RSTART+4, RLENGTH-4);
    printf "adb shell am start -a '\''";
    printf "\033[38;5;202m" act "\033[0m";
    printf "'\'' -n '\''";
    printf "\033[38;5;46m" cmp "\033[0m";
    print "'\''"
 }'

Find Services for Currently Running Applications (follow services)

adb logcat | awk -F'[ =]' '/act=[^ ]+/ && /cmp=[^ ]+Service[^ ]*/ {
for (i = 1; i <= NF; i++) {
    if ($i == "act") {
     act = $(i + 1)
   }
 if ($i == "cmp") {
 cmp = $(i + 1)
}      }
printf "adb shell am startservice -a \033[1;34m'\''%s'\''\033[0m -n \033[1;32m'\''%s'\''\033[0m\n", act, cmp
}'

Find Broadcast Receiver for Currently Running Applications (follow services)

adb logcat | awk -F'[ =]' '/cmp=[^ ]+BroadcastReceiver[^ ]*/ {
for (i = 1; i <= NF; i++) {
    if ($i == "act") {
        act = $(i + 1)
    }
    if ($i == "cmp") {
        cmp = $(i + 1)
    }
}
printf "adb shell am broadcast -a \033[1;33m'%s'\033[0m -n \033[1;36m'%s'\033[0m\n", act, cmp
}'

Grep all services that can be launched with activity manager

adb logcat | awk '/act=[^ ]+/ && /cmp=[^ ]+Service[^ ]*/ {
    match($0, /act=[^ ]+/)
    act=substr($0, RSTART+4, RLENGTH-4)
    match($0, /cmp=[^ ]+Service[^ ]*/)
    cmp=substr($0, RSTART+4, RLENGTH-4)
    print "adb shell am startservice -a '\''" act "'\'' -n '\''" cmp "'\''"
}'

Grep all broadcasts

adb logcat | awk '{
    match($0, /act=[^ ]+/)
    act=substr($0, RSTART+4, RLENGTH-4)
    match($0, /cmp=[^ ]+/)
    cmp=substr($0, RSTART+4, RLENGTH-4)
    if (act && cmp) {
        print "adb shell am broadcast -a '\''" act "'\'' -n '\''" cmp "'\''"
    }
}'

Limit the Number of logcat Entries

adb logcat -n <count>

Randomize Colors for Each Field

adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 6) + 31  # Generate random color code from 31 to 36
        printf "\033[%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'

Randomize Colors for Each Field (Extended Range)

adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 216) + 16  # Generate random color code from 16 to 231
        printf "\033[38;5;%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'

Highlight 6th Field with Red

adb logcat | awk '{
    gsub(/\033\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]/, "")
    if (NF >= 6) {
        $6 = "\033[31m" $6 "\033[0m"
    }
    print
}'

Highlight Lines Containing 'Wifi' with Red

adb logcat | awk -v color="\033[31m" '{
    gsub(/\033\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]/, "")
    if (index($0, "Wifi") > 0 || index($0, "wifi") > 0) {
        gsub(/(Wifi|wifi)/, color "&" "\033[0m")
    }
    print
}'

Highlight all lines with red color before = and green behind

adb logcat | awk -F'=' '{
    if (NF > 1) {
        printf "\033[31m%s\033[0m=\033[32m", $1
        for (i = 2; i <= NF; i++) {
            printf "%s", $i
            if (i < NF) {
                printf "="
            }
        }
        printf "\033[0m\n"
    } else {
        print $0
    }
}'

Highlight Key-Value Pairs with Red and Green

adb logcat | awk -F= '{
    printf "\033[31m%s\033[0m=\033[32m%s\033[0m\n", $1, $2
}'

Highlight Lines Containing Specific Text

adb logcat | awk '{
    gsub("act=[^[:space:]]+", "\033[31m&\033[0m")
    print
}'

Highlight Lines Containing 'Permission Denied'

adb logcat | awk '{
    gsub("Permission Denied", "\033[31m&\033[0m")
    print
}'

Highlight Lines with Specific Component Names

adb logcat | awk '{
    gsub("cmp=[[:alnum:]_]+\\>", "\033[33m&\033[0m")
    print
}'

Highlight Every 5th Field with Blue if it match D

adb logcat | awk '{
    for (i=1; i<=NF; i++) {
        if (i % 5 == 0 && $i == "D")
            $i = "\033[34m" $i "\033[0m"
    }
    print
}'

Add Custom Timestamp format to logcat Entries

adb logcat -v brief | while read -r line; do
    echo "$(date +"[%Y-%m-%d|%H:%M:%S]")-$line"
done

Highlight First Field with Red color

adb logcat -v brief | awk -F/ '{
    sub(/./, "\033[31m&\033[0m", $1)
    print $1"/"$2
}'

Highlight Last Field with Red color

adb logcat -v brief | awk -F/ '{
    gsub(/[^[:space:]]+$/, "\033[31m&\033[0m", $2)
    print
}'

Capturing PACMAN Data

adb shell 'su -c logcat \
bt_userial_vendor:I \
BCService:E \
PACMService:I \
PACMSOCKET:D \
PACMClassifier:I \
PACMAN:I \
DataRouter:D \
CSSVC_USB:W \
FsCrypt:D \
UserDataPreparer:D \
FsCrypt:D \
CSSVC_USB:W \
System.err:W \
SatsServiceData:I \
ReactiveService:I \
ziparchive:W \
SamsungAnalytics200003:D \
keystore2:E \
RestrictionPolicy:D \
bt_userial_vendor:I \
coex_device:I \
nativeloader:D \
engmode_java_manager:I \
engmode_jni:I \
engmode_client_list:I \
engmode_steady:I \
engmode_world:I \
engmode_binder_server:I \
engmode_hidl_service:E \
HYPER-HAL:I \
KeySyncTask:D \
DeviceAdminInfo:W \
Watchdog:E \
DARUtil:D \
SDPLog:I \
SDPLog:D \
LockSettingsService:D \
hermesd:I \
SyntheticPasswordManager:D \
STAR_HAL:I \
keymaster_tee:W \
LockSettingsLog:I \
EnterpriseDeviceManagerService:D \
KeyguardSecAbsKeyInputViewController:D \
KeyguardViewBase:D \
keystore2:* \
*:S' | tee at-commanddds.log