I nearly forgot: Reading directly /proc/kmsg wipes it clean (it works like a FIFO). Beware. Studying the kernel source and the dmesg implementation will be useful. Peter