ArcShell

Log File Monitoring: Part 1

How To Read New Lines From A Log File

ArcShell includes a module for building and deploying log file monitors called arcshell_logmon.sh.

Let’s take a look at the function logmon_read_file which efficiently returns new lines from the log files you monitor.

1 :  
2 :  # Let's create a log file to monitor.
3 :  echo 'Hello World' >> '/tmp/mylog.log'
4 :  

Now monitor the log with logmon_read_log.

1 :  
2 :  logmon_read_log '/tmp/mylog.log'
3 :  

logmon_read_log doesn’t return new rows the first time is sees a file unless the ‘-new’ argument is provided.

Add a couple rows to the log file and call read log again.

1 :  
2 :  echo 'Fire' >> '/tmp/mylog.log'
3 :  echo 'Dog' >> '/tmp/mylog.log'
4 :  logmon_read_log '/tmp/mylog.log'
5 :  
Fire
Dog

This time the function returns the new lines. And that’s how logmon_read_log works. Check a file every minute or every month. It’s up to you.

Need more help? Run the following.

1 :  
2 :  # Get help (ArcShell should be sourced into your environment).
3 :  logmon_help
4 :  
5 :  # For extra help run 'logmon_help -a' or 'logmon_help -aa'.
6 :  
> logmon_read_log [-new,-n] [-max,-m X] "file_path"
> logmon_handle_log [-stdin] [-meta "X"] ["source_file"] "log_handler"
> logmon_extract [-ignorecase, -i] [-buffer,-b X] ["regex"]
> logmon_grep [-i] [-buffer,-b X] ["regex"]
> logmon_write [-buffer,-b X] [buffer_no]
> logmon_remove [-i] [-buffer,-b X] ["regex"]
> logmon_meta_value