In your particular case, the ctime is sufficient because it would be highly unlikely the someone would chown or chmod this file --- if so, it would appear as a new file to you.
The attached Perl script, fileage.pl, will probably be of use.
I would store the last time in a file (if this file is not found then it is considered t new file).
#!/usr/bin/sh
typeset -i LASTTIME=0
typeset -i THISTIME=0
typeset TDIR=${TMPDIR:-/var/tmp}
typeset TSFILE=${TDIR}/logtimestamp
typeset LFILE=/xxx/yyy/mylog
itypeset -i STAT=0
if [[ -r ${TSFILE} ]]
then
LASTTIME=$(cat ${TSFILE})
else
LASTTIME=-1
fi
if [[ -r ${LFILE} ]]
then
THISTIME=$(fileage.pl -c -e)
if [[ ${THISTIME} -gt ${LASTIME} ]]
then
echo "New file"
echo "${THISTIME}" > ${LFILE}
else
echo "Old file"
fi
else
echo "No logfile, ${LFILE}, found." >&2
STAT=2
fi
exit ${STAT}
------------------------------------
You would need to make sure that the Perl script is executable and is in your PATH (as well as the perl executable itself).
Invoke as fileage.pl -u for full usage.
Cksum would be a rather pointless metric in this case be presumably a logfile would be undergoing nearly constant modification.
If it ain't broke, I can fix that.
