在bash脚本中使用带grep的日志文件使用tail -f [英] Using tail -f on a log file with grep in bash script

问题描述

我想创建一个脚本来处理正在写入的日志文件中的特定字符串。我想把第一个结果放到一个变量中供以后使用。这将通过SSH连接使用，如下所示：

  ssh'user@xxx.xxx.xxx.xxx''bash  - s'< /usr/local/bin/checklog.sh string 
  

常规终端中的命令

  tail -f /var/log/named.log | grep $ 1> $ var 
 echo$ {var}
  

当我尝试上述方法时，没有输出

解决方案

使用 while 循环可能适用于您的情况，但请注意，不能保证记录日志文件的每一行。考虑一下这种情况：日志记录器包含一行写出两行的行为：

 发生了什么不好的事情：\\\
Error xyz on第22行
  

当循环执行<$ c时，很可能只会看到第二行$ c $>尾部-1 动作。

不仅如此，while循环实现意味着您将CPU循环旋转，关闭尾部命令（看看顶部，而 执行运行，与 tail -f ）。

这个问题有一些很好的建议，如果你只是想在模式匹配时停止监控。 （注意拖尾过程的问题。）

这个怪物可能不是最优的，但它捕捉每一行，在等待新行时使用最少的CPU，终止尾部完成后，可以灵活地编写一些额外的逻辑（如根据不同的匹配模式执行动作）：

  watchPattern = $ 1 
 logFile = / var / log / named.log 
 logLine =
 
 while read -r logLine;做
＃我们有比赛吗？ 
 if [[$ logLine== *$ watchPattern*]];然后
 #Confirmation消息写入控制台（例如，不需要）
回显找到匹配项。 
＃关闭尾进程（一次假设一次）
 kill $（ps -eo pid，command | awk -v pattern =tail -fn0 $ logFile' $ 0〜pattern&&！/ awk / {print $ 1}'）
＃离开这里
 break 
 fi 
完成< <（exec tail -fn0$ logFile）
 
 #logLine将是匹配值
 echomatch = $ logLine
  

I'd like to create a script that greps for a specific string in a log file that is being written to. I'd like to take the first result and put that into a variable for later use. This will be used though an SSH connection like so:

ssh 'user@xxx.xxx.xxx.xxx' 'bash -s' < /usr/local/bin/checklog.sh string

The command in a regular terminal

tail -f /var/log/named.log | grep $1 > $var
echo "${var}"

When I try the above method, there's no output

解决方案

Using a while loop may work for your situation, but be aware that it's not guaranteed to catch every line of the log file. Consider a situation where the log writer includes one action that writes out two lines:

Something bad just happened:\nError xyz on line 22

It's very likely that your loop will only see the second line when it performs the tail -1 action.

Not only that, but the while loop implementation means your spinning the CPU in a loop, constantly firing off tail commands (take a look at top while the while implementation runs, versus a tail -f).

This question has some good suggestions if you just want to stop monitoring once the pattern is matched. (Note the concerns of the tail process hanging around.)

This monstrosity is probably not optimal, but it catches every line, uses minimal CPU while waiting for new lines, terminates the tail when it's done, and gives you the flexibility to write in some extra logic (like performing actions based on different matched patterns):

watchPattern=$1
logFile=/var/log/named.log
logLine=""

while read -r logLine ; do
    #Do we have a match?
    if [[ "$logLine" == *"$watchPattern"* ]] ; then
        #Confirmation message, written to console (for example, not needed)
        echo "Found a match."
        #Kill off the tail process  (a bit of a hack that assumes one at a time)
        kill $(ps -eo pid,command | awk -v pattern="tail -fn0 $logFile" '$0 ~ pattern && !/awk/ {print $1}')
        #Get out of here
        break
    fi
done< <(exec tail -fn0 "$logFile")

#logLine will be the matched value
echo "match = $logLine"

这篇关于在bash脚本中使用带grep的日志文件使用tail -f的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！