How to continuously tail a log, find all files (sed), and display (cat) the found files
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
How to I continuously tail -f
a log, find all files (sed
), and display (cat
) the found files
example data in audit logs.
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g'
output
./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF
./apache/20180508/20180508-1428/20180508-142803-WvH6QgoeANwAAMwtFfcAAAAG
./apache/20180508/20180508-1428/20180508-142803-WvH6QwoeANwAAMwuFlUAAAAH
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwnE@4AAAAA
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwoFD8AAAAB
./apache/20180508/20180508-1516/20180508-151608-WvIFiAoeANwAAMz1FSwAAAAA
./apache/20180508/20180508-1516/20180508-151609-WvIFiQoeANwAAMz2FYIAAAAB
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz3FeEAAAAC
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz4Fj4AAAAD
./apache/20180508/20180508-2112/20180508-211205-WvJY9QoeANwAAM1MFCoAAAAA
works with echo
echo "./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
works with cat
cat /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
does not work with tail...
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
I assume the tailing does not work because the script never terminates and sed
is still caching the results until termination of the script.
Is there a way to make this work, continuously?
sed tail
add a comment |Â
up vote
1
down vote
favorite
How to I continuously tail -f
a log, find all files (sed
), and display (cat
) the found files
example data in audit logs.
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g'
output
./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF
./apache/20180508/20180508-1428/20180508-142803-WvH6QgoeANwAAMwtFfcAAAAG
./apache/20180508/20180508-1428/20180508-142803-WvH6QwoeANwAAMwuFlUAAAAH
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwnE@4AAAAA
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwoFD8AAAAB
./apache/20180508/20180508-1516/20180508-151608-WvIFiAoeANwAAMz1FSwAAAAA
./apache/20180508/20180508-1516/20180508-151609-WvIFiQoeANwAAMz2FYIAAAAB
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz3FeEAAAAC
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz4Fj4AAAAD
./apache/20180508/20180508-2112/20180508-211205-WvJY9QoeANwAAM1MFCoAAAAA
works with echo
echo "./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
works with cat
cat /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
does not work with tail...
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
I assume the tailing does not work because the script never terminates and sed
is still caching the results until termination of the script.
Is there a way to make this work, continuously?
sed tail
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
How to I continuously tail -f
a log, find all files (sed
), and display (cat
) the found files
example data in audit logs.
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g'
output
./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF
./apache/20180508/20180508-1428/20180508-142803-WvH6QgoeANwAAMwtFfcAAAAG
./apache/20180508/20180508-1428/20180508-142803-WvH6QwoeANwAAMwuFlUAAAAH
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwnE@4AAAAA
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwoFD8AAAAB
./apache/20180508/20180508-1516/20180508-151608-WvIFiAoeANwAAMz1FSwAAAAA
./apache/20180508/20180508-1516/20180508-151609-WvIFiQoeANwAAMz2FYIAAAAB
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz3FeEAAAAC
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz4Fj4AAAAD
./apache/20180508/20180508-2112/20180508-211205-WvJY9QoeANwAAM1MFCoAAAAA
works with echo
echo "./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
works with cat
cat /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
does not work with tail...
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
I assume the tailing does not work because the script never terminates and sed
is still caching the results until termination of the script.
Is there a way to make this work, continuously?
sed tail
How to I continuously tail -f
a log, find all files (sed
), and display (cat
) the found files
example data in audit logs.
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g'
output
./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF
./apache/20180508/20180508-1428/20180508-142803-WvH6QgoeANwAAMwtFfcAAAAG
./apache/20180508/20180508-1428/20180508-142803-WvH6QwoeANwAAMwuFlUAAAAH
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwnE@4AAAAA
./apache/20180508/20180508-1513/20180508-151357-WvIFBQoeANwAAMwoFD8AAAAB
./apache/20180508/20180508-1516/20180508-151608-WvIFiAoeANwAAMz1FSwAAAAA
./apache/20180508/20180508-1516/20180508-151609-WvIFiQoeANwAAMz2FYIAAAAB
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz3FeEAAAAC
./apache/20180508/20180508-1516/20180508-151611-WvIFiwoeANwAAMz4Fj4AAAAD
./apache/20180508/20180508-2112/20180508-211205-WvJY9QoeANwAAM1MFCoAAAAA
works with echo
echo "./apache/20180508/20180508-1428/20180508-142802-WvH6QgoeANwAAMwsFZ4AAAAF" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
works with cat
cat /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
does not work with tail...
tail -f /var/log/httpd/modsec_audit.log | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
I assume the tailing does not work because the script never terminates and sed
is still caching the results until termination of the script.
Is there a way to make this work, continuously?
sed tail
edited May 9 at 5:14
Filipe Brandenburger
3,451521
3,451521
asked May 9 at 3:28
Artistan
23825
23825
add a comment |Â
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
1
down vote
accepted
Buffering is getting in the way.
Use a while read line
from the shell, which should read line-by-line and avoid most problems with buffering:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
echo "$line" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
done
Though you can probably do better than that, by using shell (bash) to match the filename from the log line too:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
line=$line/*([^/])/.
line=$line%]*
[[ -n "$line" ]] && cat "$line"
done
2
Not only buffering, plainxargs
would read as many arguments as possible before executingcat
.xargs -n 1 cat
may solve that.
â Kusalananda
May 9 at 6:18
I like it! Is there a way to break out of the loop if i put this into a custom method?
â Artistan
May 9 at 12:56
@Artistan You can callbreak
from within thewhile
loop, that will work. If using a language such as Python is an option for you as well, that gives you even more flexibility to process the log file. Google for it, you'll find implementations oftail -f
in Python that you can reuse.
â Filipe Brandenburger
May 9 at 13:05
1
Thanks again @FilipeBrandenburger. - my result is here, if you have any suggestions for improvements gist.github.com/Artistan/981e4b20e539b092b018fa1ad20e1219
â Artistan
May 9 at 15:08
add a comment |Â
up vote
1
down vote
try with this:
tail -f /var/log/httpd/modsec_audit.log | stdbuf -oL sed 's/[^/]*/./;s/].*$//g' | stdbuf -oL awk 'print $0' | while IFS='' read -r file; do cat $file ; done
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
Buffering is getting in the way.
Use a while read line
from the shell, which should read line-by-line and avoid most problems with buffering:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
echo "$line" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
done
Though you can probably do better than that, by using shell (bash) to match the filename from the log line too:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
line=$line/*([^/])/.
line=$line%]*
[[ -n "$line" ]] && cat "$line"
done
2
Not only buffering, plainxargs
would read as many arguments as possible before executingcat
.xargs -n 1 cat
may solve that.
â Kusalananda
May 9 at 6:18
I like it! Is there a way to break out of the loop if i put this into a custom method?
â Artistan
May 9 at 12:56
@Artistan You can callbreak
from within thewhile
loop, that will work. If using a language such as Python is an option for you as well, that gives you even more flexibility to process the log file. Google for it, you'll find implementations oftail -f
in Python that you can reuse.
â Filipe Brandenburger
May 9 at 13:05
1
Thanks again @FilipeBrandenburger. - my result is here, if you have any suggestions for improvements gist.github.com/Artistan/981e4b20e539b092b018fa1ad20e1219
â Artistan
May 9 at 15:08
add a comment |Â
up vote
1
down vote
accepted
Buffering is getting in the way.
Use a while read line
from the shell, which should read line-by-line and avoid most problems with buffering:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
echo "$line" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
done
Though you can probably do better than that, by using shell (bash) to match the filename from the log line too:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
line=$line/*([^/])/.
line=$line%]*
[[ -n "$line" ]] && cat "$line"
done
2
Not only buffering, plainxargs
would read as many arguments as possible before executingcat
.xargs -n 1 cat
may solve that.
â Kusalananda
May 9 at 6:18
I like it! Is there a way to break out of the loop if i put this into a custom method?
â Artistan
May 9 at 12:56
@Artistan You can callbreak
from within thewhile
loop, that will work. If using a language such as Python is an option for you as well, that gives you even more flexibility to process the log file. Google for it, you'll find implementations oftail -f
in Python that you can reuse.
â Filipe Brandenburger
May 9 at 13:05
1
Thanks again @FilipeBrandenburger. - my result is here, if you have any suggestions for improvements gist.github.com/Artistan/981e4b20e539b092b018fa1ad20e1219
â Artistan
May 9 at 15:08
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
Buffering is getting in the way.
Use a while read line
from the shell, which should read line-by-line and avoid most problems with buffering:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
echo "$line" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
done
Though you can probably do better than that, by using shell (bash) to match the filename from the log line too:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
line=$line/*([^/])/.
line=$line%]*
[[ -n "$line" ]] && cat "$line"
done
Buffering is getting in the way.
Use a while read line
from the shell, which should read line-by-line and avoid most problems with buffering:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
echo "$line" | sed 's/[^/]*/./;s/].*$//g' | awk 'print $0' | xargs cat
done
Though you can probably do better than that, by using shell (bash) to match the filename from the log line too:
tail -f /var/log/httpd/modsec_audit.log | while read line; do
line=$line/*([^/])/.
line=$line%]*
[[ -n "$line" ]] && cat "$line"
done
answered May 9 at 5:59
Filipe Brandenburger
3,451521
3,451521
2
Not only buffering, plainxargs
would read as many arguments as possible before executingcat
.xargs -n 1 cat
may solve that.
â Kusalananda
May 9 at 6:18
I like it! Is there a way to break out of the loop if i put this into a custom method?
â Artistan
May 9 at 12:56
@Artistan You can callbreak
from within thewhile
loop, that will work. If using a language such as Python is an option for you as well, that gives you even more flexibility to process the log file. Google for it, you'll find implementations oftail -f
in Python that you can reuse.
â Filipe Brandenburger
May 9 at 13:05
1
Thanks again @FilipeBrandenburger. - my result is here, if you have any suggestions for improvements gist.github.com/Artistan/981e4b20e539b092b018fa1ad20e1219
â Artistan
May 9 at 15:08
add a comment |Â
2
Not only buffering, plainxargs
would read as many arguments as possible before executingcat
.xargs -n 1 cat
may solve that.
â Kusalananda
May 9 at 6:18
I like it! Is there a way to break out of the loop if i put this into a custom method?
â Artistan
May 9 at 12:56
@Artistan You can callbreak
from within thewhile
loop, that will work. If using a language such as Python is an option for you as well, that gives you even more flexibility to process the log file. Google for it, you'll find implementations oftail -f
in Python that you can reuse.
â Filipe Brandenburger
May 9 at 13:05
1
Thanks again @FilipeBrandenburger. - my result is here, if you have any suggestions for improvements gist.github.com/Artistan/981e4b20e539b092b018fa1ad20e1219
â Artistan
May 9 at 15:08
2
2
Not only buffering, plain
xargs
would read as many arguments as possible before executing cat
. xargs -n 1 cat
may solve that.â Kusalananda
May 9 at 6:18
Not only buffering, plain
xargs
would read as many arguments as possible before executing cat
. xargs -n 1 cat
may solve that.â Kusalananda
May 9 at 6:18
I like it! Is there a way to break out of the loop if i put this into a custom method?
â Artistan
May 9 at 12:56
I like it! Is there a way to break out of the loop if i put this into a custom method?
â Artistan
May 9 at 12:56
@Artistan You can call
break
from within the while
loop, that will work. If using a language such as Python is an option for you as well, that gives you even more flexibility to process the log file. Google for it, you'll find implementations of tail -f
in Python that you can reuse.â Filipe Brandenburger
May 9 at 13:05
@Artistan You can call
break
from within the while
loop, that will work. If using a language such as Python is an option for you as well, that gives you even more flexibility to process the log file. Google for it, you'll find implementations of tail -f
in Python that you can reuse.â Filipe Brandenburger
May 9 at 13:05
1
1
Thanks again @FilipeBrandenburger. - my result is here, if you have any suggestions for improvements gist.github.com/Artistan/981e4b20e539b092b018fa1ad20e1219
â Artistan
May 9 at 15:08
Thanks again @FilipeBrandenburger. - my result is here, if you have any suggestions for improvements gist.github.com/Artistan/981e4b20e539b092b018fa1ad20e1219
â Artistan
May 9 at 15:08
add a comment |Â
up vote
1
down vote
try with this:
tail -f /var/log/httpd/modsec_audit.log | stdbuf -oL sed 's/[^/]*/./;s/].*$//g' | stdbuf -oL awk 'print $0' | while IFS='' read -r file; do cat $file ; done
add a comment |Â
up vote
1
down vote
try with this:
tail -f /var/log/httpd/modsec_audit.log | stdbuf -oL sed 's/[^/]*/./;s/].*$//g' | stdbuf -oL awk 'print $0' | while IFS='' read -r file; do cat $file ; done
add a comment |Â
up vote
1
down vote
up vote
1
down vote
try with this:
tail -f /var/log/httpd/modsec_audit.log | stdbuf -oL sed 's/[^/]*/./;s/].*$//g' | stdbuf -oL awk 'print $0' | while IFS='' read -r file; do cat $file ; done
try with this:
tail -f /var/log/httpd/modsec_audit.log | stdbuf -oL sed 's/[^/]*/./;s/].*$//g' | stdbuf -oL awk 'print $0' | while IFS='' read -r file; do cat $file ; done
answered May 9 at 5:58
matsib.dev
14613
14613
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f442672%2fhow-to-continuously-tail-a-log-find-all-files-sed-and-display-cat-the-foun%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password