Skip to content

Navigating the Depths of Android Logcat

Print stats

adb logcat -S

Display the priority/tag only

adb logcat -v tag

Display priority/tag and PID

adb logcat -v brief

Display PID only

adb logcat -v process

Display the raw log message

adb logcat -v raw

Display priority, PID, and TID

adb logcat -v thread

Display date, invocation time, priority, tag, PID, and TID

adb logcat -v threadtime

Display date, invocation time, priority/tag, and PID

adb logcat -v time

Clear (flush) the entire log and exit

adb logcat -c

Dump the log and then exit

adb logcat -d

Print a certain number of lines and exit

adb logcat -m 100

Filter to only show Verbose level

adb logcat *:V

Filter to only show Debug level

adb logcat *:D

Filter to only show Info level

adb logcat *:I

Filter to only show Warning level

adb logcat *:W

Filter to only show Error level

adb logcat *:E

Filter to only show Fatal level

adb logcat *:F

Silent mode

adb logcat *:S

Radio - View the buffer that contains radio/telephony related messages

adb logcat -b radio

Event - View the buffer containing events-related messages

adb logcat -b events

Main - Default buffer

adb logcat -b main

Dump logs from prior to the last reboot from pstore

adb logcat -L

Advanced Logcat Commands

All commands/scripts in this section is done by Patrik Gissleholm and is under MIT License

Highlight Specific String in adb logcat Output Using Custom Colors 
adb logcat | awk '{
    gsub("telia", "\033[1;31m\033[47mT\033[32m\033[33me\033[34ml\033[1;36mi\033[1;35ma\033[0m")
    print
}'

HIglight specifik strings in adb logcat Output Using Custom Colors

adb logcat | awk '{
    gsub("telia", "\033[1;31m\033[47mT\033[32m\033[33me\033[34ml\033[1;36mi\033[1;35ma\033[0m")
    gsub("wifi", "\033[1;33m\033[47mW\033[32m\033[33mi\033[34mf\033[1;36mi\033[1;35ma\033[0m")
    print
}'
Logcat application by pid 
adb shell su -c logcat --pid=$(adb shell su -c ps -A|grep -i com.sec.android.app.parser|awk '{print $2}')
Filter logs by specific tag name 
adb logcat -s "tagname"
Filter multiple tags 
adb logcat ActivityManager:I MyApp:D *:S
Redirect output to a file 
adb logcat > myfile.txt
Use grep for filtering 
adb logcat | grep "tagname"
Rotate Logs 
adb logcat -f /sdcard/myapp.log -r 5000 -n 10
Print colored output 
adb logcat -C
Regex filter 
adb logcat | grep -E '^(?=.*Exception)(?=.*Activity)'
Printing Log Entries Related to Lock Settings 
adb logcat| grep "LockSettingsService\|LockPatternUtilsKeyStorage\|vold\|vold\|keystore2\|keymaster_tee\|LockSettingsService\|vold_prepare_subdirs"
Hilight Matched Lines by Red Backgrond 
adb logcat | awk '
{
    line = tolower($0)
    if (line ~ /key/) {
        printf "\033[41m%s\033[0m\n", $0
    } else {
        print
    }
}
'
Create SubSettings Commands 
adb logcat | grep -i "SecTileUtils: Found" | awk '{
    match($0, /Found ([^ ]+) for intent/, arr)
    if (arr[1]) {
        gsub(/\$/, "\\$", arr[1])  # Escape dollar signs
        sub(/com.android.settings/, "com.android.settings/", arr[1])  
        printf "adb shell am start -n '\''%s'\''\n", arr[1] 
    }
}'
Create adb shell commands for received broadcasts 
adb logcat | awk '
/Received BROADCAST.*SCREEN_ON/ {
    match($0, /pkg=[^ ]+/, pkgArr)
    match($0, /act=[^ ]+/, actArr)
    match($0, /cmp=[^ ]+/, cmpArr)
    if (pkgArr[0] && actArr[0] && cmpArr[0]) {
        pkg = substr(pkgArr[0], 5)
        act = substr(actArr[0], 5)
        cmp = substr(cmpArr[0], 5)
        printf "adb shell am broadcast -a \033[1;33m'%s'\033[0m -n \033[1;36m'%s'\033[0m\n", act, cmp
    }
}'
Custom Timestamp Format for adb logcat 
adb logcat -v brief | while read -r line; do
    echo "$(date +"[%Y-%m-%d|%H:%M:%S]")-$line"
done
Colorize specifik tags and field 5 
 adb logcat | awk '/(SyntheticPasswordManager|SyntheticPasswordCrypto|ResumeOnRebootServiceProvider|RebootEscrowProviderServerBased|RebootEscrowProviderHal|RebootEscrowManager|     RebootEscrowKeyStoreManager|PasswordSlotManager|ManagedProfilePasswordCache|LockSettings|LockSettingsDB|LockSettingsStorage|LockSettingsService|BiometricDeferredQueue)/ {
     if ($5 == "V")
         $5 = "\033[36m" $5 "\033[0m"
     else if ($5 == "D")
         $5 = "\033[34m" $5 "\033[0m"
     else if ($5 == "I")
         $5 = "\033[32m" $5 "\033[0m"
     else if ($5 == "W")
         $5 = "\033[33m" $5 "\033[0m"
     else if ($5 == "E")
         $5 = "\033[31m" $5 "\033[0m"
     else if ($5 == "F")
         $5 = "\033[31;1m" $5 "\033[0m"
     else if ($5 == "S")
         $5 = "\033[35m" $5 "\033[0m"

     if ($6 == "DEBUG")
         $6 = "\033[32m" $6 "\033[0m"
     else if ($6 == "INFO")
         $6 = "\033[35m" $6 "\033[0m"
     else if ($6 == "WARN")
         $6 = "\033[33m" $6 "\033[0m"
     else if ($6 == "ERROR")
         $6 = "\033[31m" $6 "\033[0m"

     print
 }'
This command colors all the activities in red 
adb logcat | awk '{
    gsub("act=[^[:space:]]+", "\033[31m&\033[0m")
    print
}'
Colrorize tags + verbose same color entire line (different for each) 
adb logcat -s 'SyntheticPasswordManager' 'SyntheticPasswordCrypto' 'ResumeOnRebootServiceProvider' 'RebootEscrowProviderServerBased' 'RebootEscrowProviderHal' 'RebootEscrowManager' 'RebootEscrowKeyStoreManager' 'PasswordSlotManager' 'ManagedProfilePasswordCache' 'LockSettings' 'LockSettingsDB' 'LockSettingsStorage' 'LockSettingsService' 'BiometricDeferredQueue' | awk '{if (($5 in seen) || ($6 in seen)) printf "\033[1;31m%s\033[0m\n", $0; else seen[$5]; seen[$6]}'
Colorize Variable 
adb logcat | awk -F= '{
    printf "%s\033[31m%s\033[0m%s\n", $1, "=", $2
}'
Colrorize tags + verbose same color column 5 and 6 
adb logcat -s 'SyntheticPasswordManager' 'SyntheticPasswordCrypto' 'ResumeOnRebootServiceProvider' 'RebootEscrowProviderServerBased' 'RebootEscrowProviderHal' 'RebootEscrowManager'    'RebootEscrowKeyStoreManager' 'PasswordSlotManager' 'ManagedProfilePasswordCache' 'LockSettings' 'LockSettingsDB' 'LockSettingsStorage' 'LockSettingsService' 'BiometricDeferredQueue' | awk '{for(    i=1; i<=NF; i++) {if ((i==5 || i==6) && ($i in seen)) $i="\033[1;31m"$i"\033[0m"; else if (i==5 || i==6) seen[$i]++;} print}'
Mixing logcat and color 
adb logcat -v brief -v color  'AppOps' 'SyntheticPasswordManager' 'SyntheticPasswordCrypto' 'ResumeOnRebootServiceProvider' 'RebootEscrowProviderServerBased' 'RebootEscrowProviderHal'     'RebootEscrowManager' 'RebootEscrowKeyStoreManager' 'PasswordSlotManager' 'ManagedProfilePasswordCache' 'LockSettings' 'LockSettingsDB' 'LockSettingsStorage' 'LockSettingsService'     'BiometricDeferredQueue' | awk '{for(i=1; i<=NF; i++) {if (i==5 && ($i in seen)) $i="\033[1;31m"$i"\033[0m"; else if (i==5) seen[$i]++;} print}'
Colorize Only Info Levels (Field 5) 
adb logcat | awk '{
    if ($5 == "V")
        $5 = "\033[36m" $5 "\033[0m"
    else if ($5 == "D")
        $5 = "\033[34m" $5 "\033[0m"
    else if ($5 == "I")
        $5 = "\033[32m" $5 "\033[0m"
    else if ($5 == "W")
        $5 = "\033[33m" $5 "\033[0m"
    else if ($5 == "E")
        $5 = "\033[31m" $5 "\033[0m"
    else if ($5 == "F")
        $5 = "\033[31;1m" $5 "\033[0m"
    else if ($5 == "S")
        $5 = "\033[35m" $5 "\033[0m"
    print
}'
Colorize Every Column 
adb logcat -v brief | awk '{
    gsub(/^D/, "\033[34m&\033[0m", $1)                  ### Colorize "D" column in blue
    gsub(/SemNscXgbMsL1/, "\033[33m&\033[0m", $2)       ### Colorize "SemNscXgbMsL1" column in yellow
    gsub(/^.*: /, "\033[31m&\033[0m", $0)               ### Colorize message column in red
    print
}'
Colorize Output to Rainbow 
adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 6) + 31                    ### Generate random color code from 31 to 36
        printf "\033[%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'
Colorize output to Rainbow colors 
adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 216) + 16                  ### Generate random color code from 16 to 231
        printf "\033[38;5;%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'
Generate activity commands for adb 
adb logcat | awk -F'[ ={}]+|\\.' '/WindowManager:   taskInfo=TaskInfo/ {
        match($0, /cmp=[^ ]+/);
        cmp=substr($0, RSTART+4, RLENGTH-4);
        print "adb shell am start -n", cmp
    }'
Start logcat in the background and redirect output to a pipe for callback services 
adb logcat | awk -F'[ =]' '/act=[^ ]+/ && /cmp=[^ ]+Service[^ ]*/ {
    for (i = 1; i <= NF; i++) {
        if ($i == "act") {
            act = $(i + 1)
        }
        if ($i == "cmp") {
            cmp = $(i + 1)
        }
    }
    printf "adb shell am startservice -a \033[1;34m'\''%s'\''\033[0m -n \033[1;32m'\''%s'\''\033[0m\n", act, cmp
}'
Monitor WindowManager and create am start commands 
adb logcat | awk -F'[ ={}]+|\\.' '/WindowManager:   taskInfo=TaskInfo/ {
    match($0, /cmp=[^ ]+/);
    cmp=substr($0, RSTART+4, RLENGTH-4);
    printf "%s%s%s\n", "\033[36madb shell am start -n ", cmp, "\033[0m"
} END {
    printf "%s%s%s\n", "\033[36madb shell am start -n ", cmp, "\033[0m"
}'
Find Activities for Currently Running Applications (follow activities) 
 adb logcat | awk '
 /act=android.intent.action.MAIN/ && /cmp=/ {
    match($0, /act=[^ ]+/);
    act=substr($0, RSTART+4, RLENGTH-4);
    match($0, /cmp=[^ ]+/);
    cmp=substr($0, RSTART+4, RLENGTH-4);
    printf "adb shell am start -a '\''";
    printf "\033[38;5;202m" act "\033[0m";
    printf "'\'' -n '\''";
    printf "\033[38;5;46m" cmp "\033[0m";
    print "'\''"
 }'
Find Services for Currently Running Applications (follow services) 
adb logcat | awk -F'[ =]' '/act=[^ ]+/ && /cmp=[^ ]+Service[^ ]*/ {
for (i = 1; i <= NF; i++) {
    if ($i == "act") {
     act = $(i + 1)
   }
 if ($i == "cmp") {
 cmp = $(i + 1)
}      }
printf "adb shell am startservice -a \033[1;34m'\''%s'\''\033[0m -n \033[1;32m'\''%s'\''\033[0m\n", act, cmp
}'
Find Broadcast Receiver for Currently Running Applications (follow services) 
adb logcat | awk -F'[ =]' '/cmp=[^ ]+BroadcastReceiver[^ ]*/ {
for (i = 1; i <= NF; i++) {
    if ($i == "act") {
        act = $(i + 1)
    }
    if ($i == "cmp") {
        cmp = $(i + 1)
    }
}
printf "adb shell am broadcast -a \033[1;33m'%s'\033[0m -n \033[1;36m'%s'\033[0m\n", act, cmp
}'
Grep all services that can be launched with activity manager 
adb logcat | awk '/act=[^ ]+/ && /cmp=[^ ]+Service[^ ]*/ {
    match($0, /act=[^ ]+/)
    act=substr($0, RSTART+4, RLENGTH-4)
    match($0, /cmp=[^ ]+Service[^ ]*/)
    cmp=substr($0, RSTART+4, RLENGTH-4)
    print "adb shell am startservice -a '\''" act "'\'' -n '\''" cmp "'\''"
}'
Grep all broadcasts 
adb logcat | awk '{
    match($0, /act=[^ ]+/)
    act=substr($0, RSTART+4, RLENGTH-4)
    match($0, /cmp=[^ ]+/)
    cmp=substr($0, RSTART+4, RLENGTH-4)
    if (act && cmp) {
        print "adb shell am broadcast -a '\''" act "'\'' -n '\''" cmp "'\''"
    }
}'
Limit the Number of logcat Entries 
adb logcat -n <count>
Randomize Colors for Each Field 
adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 6) + 31  # Generate random color code from 31 to 36
        printf "\033[%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'
Randomize Colors for Each Field (Extended Range) 
adb logcat -v brief | awk '{
    srand()  # Randomize the seed for each line
    for (i = 1; i <= NF; i++) {
        color = int(rand() * 216) + 16  # Generate random color code from 16 to 231
        printf "\033[38;5;%dm%s\033[0m ", color, $i
    }
    printf "\n"
}'
Highlight 6th Field with Red 
adb logcat | awk '{
    gsub(/\033\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]/, "")
    if (NF >= 6) {
        $6 = "\033[31m" $6 "\033[0m"
    }
    print
}'
Highlight Lines Containing 'Wifi' with Red 
adb logcat | awk -v color="\033[31m" '{
    gsub(/\033\[([0-9]{1,2}(;[0-9]{1,2})?)?[mGK]/, "")
    if (index($0, "Wifi") > 0 || index($0, "wifi") > 0) {
        gsub(/(Wifi|wifi)/, color "&" "\033[0m")
    }
    print
}'
Highlight all lines with red color before = and green behind 
adb logcat | awk -F'=' '{
    if (NF > 1) {
        printf "\033[31m%s\033[0m=\033[32m", $1
        for (i = 2; i <= NF; i++) {
            printf "%s", $i
            if (i < NF) {
                printf "="
            }
        }
        printf "\033[0m\n"
    } else {
        print $0
    }
}'
Highlight Key-Value Pairs with Red and Green 
adb logcat | awk -F= '{
    printf "\033[31m%s\033[0m=\033[32m%s\033[0m\n", $1, $2
}'
Highlight Lines Containing Specific Text 
adb logcat | awk '{
    gsub("act=[^[:space:]]+", "\033[31m&\033[0m")
    print
}'
Highlight Lines Containing 'Permission Denied' 
adb logcat | awk '{
    gsub("Permission Denied", "\033[31m&\033[0m")
    print
}'
Highlight Lines with Specific Component Names 
adb logcat | awk '{
    gsub("cmp=[[:alnum:]_]+\\>", "\033[33m&\033[0m")
    print
}'
Highlight Every 5th Field with Blue if it match D 
adb logcat | awk '{
    for (i=1; i<=NF; i++) {
        if (i % 5 == 0 && $i == "D")
            $i = "\033[34m" $i "\033[0m"
    }
    print
}'
Add Custom Timestamp format to logcat Entries 
adb logcat -v brief | while read -r line; do
    echo "$(date +"[%Y-%m-%d|%H:%M:%S]")-$line"
done
Highlight First Field with Red color 
adb logcat -v brief | awk -F/ '{
    sub(/./, "\033[31m&\033[0m", $1)
    print $1"/"$2
}'
Highlight Last Field with Red color 
adb logcat -v brief | awk -F/ '{
    gsub(/[^[:space:]]+$/, "\033[31m&\033[0m", $2)
    print
}'
Capturing PACMAN Data 
adb shell 'su -c logcat \
bt_userial_vendor:I \
BCService:E \
PACMService:I \
PACMSOCKET:D \
PACMClassifier:I \
PACMAN:I \
DataRouter:D \
CSSVC_USB:W \
FsCrypt:D \
UserDataPreparer:D \
FsCrypt:D \
CSSVC_USB:W \
System.err:W \
SatsServiceData:I \
ReactiveService:I \
ziparchive:W \
SamsungAnalytics200003:D \
keystore2:E \
RestrictionPolicy:D \
bt_userial_vendor:I \
coex_device:I \
nativeloader:D \
engmode_java_manager:I \
engmode_jni:I \
engmode_client_list:I \
engmode_steady:I \
engmode_world:I \
engmode_binder_server:I \
engmode_hidl_service:E \
HYPER-HAL:I \
KeySyncTask:D \
DeviceAdminInfo:W \
Watchdog:E \
DARUtil:D \
SDPLog:I \
SDPLog:D \
LockSettingsService:D \
hermesd:I \
SyntheticPasswordManager:D \
STAR_HAL:I \
keymaster_tee:W \
LockSettingsLog:I \
EnterpriseDeviceManagerService:D \
KeyguardSecAbsKeyInputViewController:D \
KeyguardViewBase:D \
keystore2:* \
*:S' | tee at-commanddds.log