HPE Community
Operating System - HP-UX
1832346 Members
2348 Online
110041 Solutions
New Discussion

Re: script to continously monitor a file

 
S.Venkatesh
Occasional Advisor

‎07-27-2001 01:39 AM

‎07-27-2001 01:39 AM

script to continously monitor a file

Hi Guys,

Was trying to write a script to monitor a file continously.
If a particular string is appended to that file then I wanted to log that
string to another file .

I was trying as below but does not help

tail -f /var/adm/syslog/sylog.log |grep "SIA"|cut -f 12-12 -d " " >>
/tmp/test

or
tail -f /var/adm/syslog/sylog.log |grep "SIA"|awk '{print $12}' >> /tmp/test


The command
tail -f /var/adm/syslog/sylog.log |grep "SIA"
works but if I want to pipe that output an other command or append the output to a file,it does not work.
for example:
tail -f /var/adm/syslog/sylog.log |grep "SIA">> /tmp/test

Appreciate your help on this.


Thanks and Regards
Venky

0 Kudos
Reply
5 REPLIES 5
Rainer von Bongartz
Honored Contributor

‎07-27-2001 01:49 AM

‎07-27-2001 01:49 AM

Re: script to continously monitor a file

I think you script will work.

What I discovered with this type of tail -f piping to other commands is that there seems to be a bit of buffering between tail and the other command.

Usually your output will come a bit later, at least this is what I have encournered.

He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

‎07-27-2001 02:02 AM

‎07-27-2001 02:02 AM

Re: script to continously monitor a file

Hi,

You can run the following script to perform what you have intended:
==
#!/sbin/sh
LOG=/var/adm/syslog/syslog.log

prev_no=0
while :;
do
curr_no=`wc -l $LOG|awk '{print $1}'`
tail -`expr $curr_no - $prev_no` $LOG | grep "SIA"|cut -f 12-12 -d " " >> /tmp/test
prev_no=curr_no
done
==

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
Jonathan Caplette
Regular Advisor

‎07-27-2001 05:16 AM

‎07-27-2001 05:16 AM

Re: script to continously monitor a file

Hi,

Maybe you can try to put ur command line in two separate lines, with a temporary variable like this (sometimes command lines work better if there's not a lot of piping...):

TEMP=`tail -f /var/adm/syslog.log | grep "SIA"`
echo $TEMP | awk '{print $12}' >> /tmp/test

Basically it does the same thing as the hole line does, but give it a shot...

hope this help!!
By
Jonathan

0 Kudos
Reply
S.Venkatesh
Occasional Advisor

‎08-02-2001 11:55 PM

‎08-02-2001 11:55 PM

Re: script to continously monitor a file

Hi guys,

Steven's idea did help me to a extent. I used his idea wrote a script, two scripts in fact.

One script "syslog-scan" continously scans the syslog file for the instance "stuck-in-active"
and on occurence logs this string to a file (siafile).

The second script "SIA" runs in the cron every 10 minutes and monitors the siafile for "stuck-in-active" string. If present, runs a TCL script. It also checks to see if the "syslog-scan" script is running, else restarts the "syslog-scan" script.

The scripts do work well, but due to some reason after about one day the the "SIA" restarts the "syslog-scan" script even if the syslog-scan is already running.

Below are the scripts, maybe i am missing something.
*********** syslog-scan script**********
#!/bin/sh
# Script to continously monitor the syslog file for the string "SIA" and log to a file on occurence
if [ -f /var/adm/syslog/syslog.log ]
then

TEST=/var/adm/syslog/syslog.log

prev_no=0
curr_no=`wc -l $TEST |awk '{print $1}'`

while ((prev_no <= curr_no))
do

#curr_no=`wc -l $TEST |awk '{print $1}'`
#echo "current no is $curr_no"
#echo $prev_no

tail -`expr $curr_no - $prev_no` $TEST |grep "SIA" |cut -f 12-12 -d " " >>/users/sriniv/sia-script/siafile
prev_no=$curr_no
curr_no=`wc -l $TEST |awk '{print $1}'`
sleep 5
done
fi
#echo "prev_no is greater"


***************SIA Script*********

#!/sbin/sh
SCAN=`ps -ef |grep "/users/sriniv/sia-script/syslog-scan"|awk '{print $9}'|sort -u`
TEST="/users/sriniv/sia-script/syslog-scan"

if [ "$SCAN" = "$TEST" ]
then
#echo
#echo "SYSLOG-SCAN Found Running"
#echo
#echo "Running SIA-need test "
VAR=`grep "stuck-in-active" /users/sriniv/sia-script/siafile`
test -n "$VAR"
#VAR=stuck-in-active
#grep $VAR /users/sriniv/sia-script/siafile >/dev/null

if [ "$?" -eq 0 ]
then
# echo "SIA run needed"
/users/kumark/script/sia-run >/dev/null 2>&1
cat /dev/null > /users/sriniv/sia-script/siafile
else
echo >/dev/null 2>&1
# echo "SIA run not needed now"
fi
else
echo "`date` :Syslog-scan NOT RUNNING, RESTARTING NOW !" >> /users/sriniv/sia-script/SIAlog
/users/sriniv/sia-script/syslog-scan&
fi
0 Kudos
Reply
Tapani Tarvainen
Advisor

‎08-12-2001 11:50 PM

‎08-12-2001 11:50 PM

Re: script to continously monitor a file

The reason the piping tail -f to grep, cut &c fail is that they'll buffer their I/O, so it only gets there in 8k or some such blocks. Some commands have on option to disable buffering (e.g., cat), but most do not.

One way to do it is using a shell loop to read the file line by line:

while true; do
if read line ;then
case "$line" in
*SIA*) print -r "$line" ;;
esac
fi
sleep 1
done whatever

You can use grep instead of case inside the if statement if the pattern gets too complex for case.

If you don't want to start from the beginning of the syslog file every time the script is started, you can combine that technique with tail -f:

tail -f syslog.log |
while true; do
...
done >whatever
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.