"Tailing" grep
Adam Funk
a24061 at ducksburg.com
Fri Oct 5 09:52:52 UTC 2007
On 2007-10-03, James Gray wrote:
> From: "Adam Funk"
> Sent: Monday, October 1, 2007 11:05:55 PM (GMT+1000) Australia/Sydney
>
>> On 2007-09-30, Brian Fahrlander wrote:
>>> While we've got the attention of the most-able on this subject, I'd
>>> like to reopen a discussion about a very similar tool: a 'grep' that
>>> happens on tailing a file. There have been dozens of times that I'm
>>> looking for a message number in /var/log/mail.log and would love to see
>>> only the lines mentioning that message.
>>>
>>> A couple of years ago I asked and got a "maybe you could write
>>> something", but I actually never could. It's not as easy as it looks.
>>>
>>> Any chance you guys have seen this done?
>>
>>If you're interested in doing this within a script called by cron or
>>at, you might want to look at the logtail package (which is used by
>>logcheck).
>
> I've always just done something like this:
> tail --follow=name --retry <logfile> | grep "some string"
>
> You can even get fancier with awk:
> tail --follow=name --retry <logfile> | awk '/some string/ { print $1, $3 }'
>
> This will match lines with "some string" in them, then only print the first and third fields (field delimited by white space). To change the field delimiters, use "-F" with awk. Using awk is handy as you can use all the nice awk math and text manipulators and re-order fields to suit your needs.
>
> I didn't find the OP's original thread so I'm not sure if Brian was after something to use in a script running in the background, or whether he was after a "live" display (in a terminal etc).
>
> Usual disclaimers apply, and as always "man" is your friend :)
Interesting, thanks.
More information about the ubuntu-users
mailing list