[CLUE-Tech] Tail -f + grep
Brandon N
bneill at yahoo.com
Thu Feb 1 13:55:29 MST 2001
--- Craig Magtutu <magtutu at yahoo.com> wrote:
>
> > We also discussed tail -f /var/log/messages which tails in real
> time the
> > message file. The one thing which I came up with was tailing the
> > message file, but also greping for specific lines, such as warnings
> or
> > maybe even hacks into your system. The idea was interesting, for
> those
> > that can verify this, I'd/we'd like to hear what your thought and
> > experience is.
>
> one unfortunate feature of tail is that when the file is deleted or
> replaced,
> the real-time tail'ing appears to stop.
>
> this problem is evident while watching my system log for ip-chains
> packet
> rejects. the following command continutes to work only until the cron
> daemon
> rotates the logs at the end of the week...
>
> tail -f /var/log/messages | grep REJECT
I think it does that because it accesses the file by inode number, I'll
bet if you were to add something to the file rotated out, it'd still
show it.
I must have missed the beginning of this thread, what exactly are we
trying to do. There are several programs listed on freshmeat that can
follow the logfiles and notify you on certain events.
Brandon
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
__________________________________________________
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
More information about the clue-tech
mailing list