LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 06-10-2011, 03:27 PM   #1
GeekyAdam
LQ Newbie
 
Registered: Aug 2010
Location: Erie, PA
Distribution: Ubuntu 10.04
Posts: 13

Rep: Reputation: 0
Question grep not working right with colortail


Put simply, this command won't work:
Code:
colortail /var/log/auth.log |grep -a "sshd"
However, these commands work perfectly:
Code:
colortail /var/log/vsftpd.log
colortail /var/log/auth.log
colortail /var/log/vsftpd.log |grep -a "pid 1"
tail /var/log/auth.log |grep "password"
I apologize but I don't want to copy and paste any output, as both files hold somewhat sensitive information, obviously.

In case you didn't know, the "-a" option in grep reads binary data as text, which is necessary for colortail's color output.

I'm left to assume that the problem must lie in the difference between the two files, which is only the owner:
Code:
me@ubuntu:~$ ls -l /var/log/auth.log
-rw-r----- 1 syslog adm 79813 2011-06-10 16:17 /var/log/auth.log
me@ubuntu:~$ ls -l /var/log/vsftpd.log
-rw-r----- 1 root adm 2827 2011-06-10 15:26 /var/log/vsftpd.log
So, grep works with colortail with files owned by root, but not syslog?

Running Ubuntu Server 10.04 + vsftpd 2.2.2
 
Old 06-10-2011, 03:49 PM   #2
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,488

Rep: Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956
Quote:
Originally Posted by GeekyAdam View Post
Put simply, this command won't work:
Code:
colortail /var/log/auth.log |grep -a "sshd"
What exactly means "this command won't work"? Any error messages? Does it not show the expected output? If the user belongs to the adm group, it should be able to read and parse these files. What does you make to suspect it's a problem related to the owner of the files?
 
Old 06-10-2011, 03:58 PM   #3
GeekyAdam
LQ Newbie
 
Registered: Aug 2010
Location: Erie, PA
Distribution: Ubuntu 10.04
Posts: 13

Original Poster
Rep: Reputation: 0
By "doesn't work" I mean it's not outputting anything when it should be.
The reason I think the problem is with the file owners is because thats the only difference between the files that I can tell.
I am in the adm group, which makes me wonder why colortail piped to grep isn't working.
 
Old 06-10-2011, 04:08 PM   #4
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,488

Rep: Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956
colortail adds extra control characters to every single char of input, so that a colorized word like sshd becomes
Code:
033[1;34ms033[1;34ms033[1;34mh033[1;34md
and grep fails because the pattern sshd doesn't exist anymore. A possible solution is to feed colortail with the previously parsed file using process substitution, e.g.
Code:
colortail -k conf.auth <(grep sshd /var/log/auth.log)
 
Old 06-11-2011, 02:02 PM   #5
GeekyAdam
LQ Newbie
 
Registered: Aug 2010
Location: Erie, PA
Distribution: Ubuntu 10.04
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by colucix View Post
colortail adds extra control characters to every single char of input, so that a colorized word like sshd becomes
Code:
033[1;34ms033[1;34ms033[1;34mh033[1;34md
and grep fails because the pattern sshd doesn't exist anymore. A possible solution is to feed colortail with the previously parsed file using process substitution, e.g.
Code:
colortail -k conf.auth <(grep sshd /var/log/auth.log)
I understand what you mean, grep isn't finding "sshd" because its "color-coded".
However, I tried that process substitution line you provided and it just output auth.log without colors, as if it was just "tail" rather than "colortail".
Is there a more elegant solution, like maybe telling grep to ignore those 033[1;34m modifiers? so that rather than this...
Code:
033[1;34ms033[1;34ms033[1;34mh033[1;34md
...grep would see this...
Code:
sshd
I'm not proficient enough in grep to know how to ignore characters/strings, if its possible.
 
Old 06-11-2011, 03:56 PM   #6
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,488

Rep: Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956
Quote:
Originally Posted by GeekyAdam View Post
However, I tried that process substitution line you provided and it just output auth.log without colors, as if it was just "tail" rather than "colortail".
Maybe you have to provide the exact path to conf.auth or remove the -k option completely if colortail is able to pick the proper configuration file automatically.
Quote:
Is there a more elegant solution, like maybe telling grep to ignore those 033[1;34m modifiers?
Well, , a tricky solution would be to remove the color codes using sed, e.g.
Code:
./colortail -k /path/to/conf.auth /var/log/auth.log | sed -r 's/^[\[[0-1]*;*[0-9]+m//g' | grep -a something
but in this way you actually remove any information about colors, so that using colortail has no sense anymore. Anyway, I think my previous solution is more simple: you have only to investigate why the color did not appear.
 
Old 06-12-2011, 12:47 AM   #7
grail
Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 7,485

Rep: Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890
Maybe if you explain the point of using colortail? You can have grep do a colour output of found items if this is what you are looking for.
 
Old 06-13-2011, 12:16 PM   #8
GeekyAdam
LQ Newbie
 
Registered: Aug 2010
Location: Erie, PA
Distribution: Ubuntu 10.04
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by colucix View Post
Maybe you have to provide the exact path to conf.auth or remove the -k option completely if colortail is able to pick the proper configuration file automatically.
I removed the "-k auth.log" and the colorizing worked fine again, but I think the solution is flawed...by feeding the grep command into the colortail command (rather than the other way around), I lose the ability to follow the colortail command (colortail -f ...).

Quote:
Originally Posted by colucix View Post
Well, , a tricky solution would be to remove the color codes using sed, but in this way you actually remove any information about colors, so that using colortail has no sense anymore.
Yeah, good point, I could just use tail rather than colortail in that situation. I'd like to avoid that.

Quote:
Originally Posted by grail
Maybe if you explain the point of using colortail? You can have grep do a colour output of found items if this is what you are looking for.
The sole reason I'm trying to use colortail rather than tail is ease of visual representation, that's all. Currently I'm using "tail -f /var/log/auth.log |grep sshd" which works fine, but...it's not pretty enough. :/
 
Old 06-13-2011, 07:04 PM   #9
grail
Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 7,485

Rep: Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890Reputation: 1890
Quote:
it's not pretty enough
Well I can't say i have seen this too often as a criteria , but what of the idea of using grep's color option?
Of course this will only colorise the expression being searched for.
 
Old 06-13-2011, 07:39 PM   #10
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,974
Blog Entries: 11

Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
It's a shame that colortail's author never considered STDIN as
a feasible file-handle. You could always a) patch it or b) raise
a feature request.


Cheers,
Tink
 
Old 06-16-2011, 01:06 PM   #11
GeekyAdam
LQ Newbie
 
Registered: Aug 2010
Location: Erie, PA
Distribution: Ubuntu 10.04
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by grail
what of the idea of using grep's color option?
Of course this will only colorise the expression being searched for.
grep does that by default for me, so all the "sshd" words are colored, which is decent, just looking for colortail's nice visuals.

Quote:
Originally Posted by Tinkster View Post
It's a shame that colortail's author never considered STDIN as
a feasible file-handle. You could always a) patch it or b) raise
a feature request.
I actually emailed this issue to the creator (Joakim Andersson according to the man page), still waiting on a reply at this point.
Patching it is out of the question, at least for me. I've been loving linux for a year or two now and know my way around a terminal pretty well, but linux software dev is out of my realm [at least at this point in time].
 
  


Reply

Tags
grep, tail


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
grep not working gdanko Linux - General 11 07-15-2010 02:28 PM
grep *.tpl is not working ravipat Linux - Newbie 3 07-03-2008 08:18 PM
find | grep <pattern> not working duvalr Linux - Software 4 09-17-2006 04:07 AM
Regular Expression + not Working with grep scottwmackey Linux - General 2 06-21-2006 01:31 AM
-r parameter not working in grep learnfast Linux - Newbie 1 03-11-2005 04:17 AM


All times are GMT -5. The time now is 04:27 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration