LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Tail - only show matched phrase (https://www.linuxquestions.org/questions/linux-newbie-8/tail-only-show-matched-phrase-415798/)

Critcho 02-15-2006 01:50 PM
Tail - only show matched phrase
 
I am tailing a log file with

Code:
tail -f /var/log/messages -n 200
However, this file spews a whole lot of messages on my screen, and I am only interested in one - AT+CFUN=0.

I plan to have two windows - one with the specific watch and one with the complete tail. When the specific watch gets a hit, I can switch to the full tail and see what happened before the event, but without going blind watching the log files and trying to catch the event.

Guess I'm after a hybrid tail/grep... Is there such a beast?

Linux version is embedded into an Axis single board CPU:
BusyBox v0.60.5 (2005.09.26-02:02+0000) Built-in shell (ash)

Thanks,
Cheers,
Critcho.

schneidz 02-15-2006 02:32 PM
hi if you man grep i think option -B will give you what you need.

PTrenholme 02-15-2006 02:33 PM
Have you looked at the swatch application?

Critcho 02-15-2006 03:24 PM
Thanks for the suggestions, looks like this version of Linux doesn't like either of those options:

Code:
[root@AxisProduct /var/log]29054# grep
BusyBox v0.60.5 (2005.09.26-02:02+0000) multi-call binary

Usage: grep [-ihHnqvs] PATTERN [FILEs...]

Search for PATTERN in each FILE or standard input.

Options:
        -H      prefix output lines with filename where match was found
        -h      suppress the prefixing filename on output
        -i      ignore case distinctions
        -l      list names of files that match
        -n      print line number with output lines
        -q      be quiet. Returns 0 if result was found, 1 otherwise
        -v      select non-matching lines
        -s      suppress file open/read error messages

[root@AxisProduct /var/log]29054#
[root@AxisProduct /var/log]29054# swatch
swatch: No such file or directory
[root@AxisProduct /var/log]29054#
I was hoping to find some way to combine the two commands (sorta like a pipe), but I guess that isn't possible.

Next step I guess is a small batch file to grep the file every 5 seconds....

PTrenholme 02-15-2006 03:46 PM
Well, yes, you'd need to install swatch from, e.g., SourceForge, before you could use it.

You're using "BusyBox V0.6.50" for this? I thought BusyBox was primarily for use in embedded systems, where memory was really limited, and I wouldn't have thought that any windowing system would/could run with only BusyBox/

Critcho 02-15-2006 03:48 PM
Yup, this is on a small platform on an embedded Single Board Computer. I'm watching the log via a telnet session from my PC. Installing software isn't really an option I guess.

tuxrules 02-15-2006 03:50 PM
Quote:
Originally Posted by Critcho
Thanks for the suggestions, looks like this version of Linux doesn't like either of those options:

Code:
[root@AxisProduct /var/log]29054# grep
BusyBox v0.60.5 (2005.09.26-02:02+0000) multi-call binary

Usage: grep [-ihHnqvs] PATTERN [FILEs...]

Search for PATTERN in each FILE or standard input.

Options:
        -H      prefix output lines with filename where match was found
        -h      suppress the prefixing filename on output
        -i      ignore case distinctions
        -l      list names of files that match
        -n      print line number with output lines
        -q      be quiet. Returns 0 if result was found, 1 otherwise
        -v      select non-matching lines
        -s      suppress file open/read error messages

[root@AxisProduct /var/log]29054#
[root@AxisProduct /var/log]29054# swatch
swatch: No such file or directory
[root@AxisProduct /var/log]29054#
I was hoping to find some way to combine the two commands (sorta like a pipe), but I guess that isn't possible.

Next step I guess is a small batch file to grep the file every 5 seconds....
Would this not work?
Code:
tail -n /var/log/messages -n 200 | grep <what-ever>
Swatch is actually a software package you have to install. Look up at swatch.sourceforge.net --- Others already beat me on this one.

You can also use awk to cat a specific pattern you are looking for.

Tux,

Critcho 02-15-2006 03:57 PM
Working OK with a script, not the neatest output but it does the job...

Code:
while true
do
echo -
grep -n CFUN messages
done
Output is just "-" per line a few times a second, will show the line containing CFUN when it is written.

Guess that's the way it happens when you're a programmer - if it doesn't exist, make it yourself!

Critcho 02-15-2006 05:32 PM
Quote:
Originally Posted by tuxrules
Would this not work?
Code:
tail -f /var/log/messages -n 200 | grep <what-ever>
Tux,
Actually... yup - it works fine!!

Thanks Tux, easy when you know how!

jrdioko 02-15-2006 07:36 PM
Quote:
Originally Posted by Critcho
I was hoping to find some way to combine the two commands (sorta like a pipe), but I guess that isn't possible.
To combine commands with a pipe, use a pipe (|) between them...

Critcho 02-16-2006 09:40 AM
Yeah, I knew about pipe, just wasn't sure if those two could be combined, because tail has a continual output, and grep is a one-shot command.....

tuxrules 02-16-2006 10:27 AM
Quote:
Originally Posted by Critcho
Yeah, I knew about pipe, just wasn't sure if those two could be combined, because tail has a continual output, and grep is a one-shot command.....
AFAIK, tail command also gives you a snapshot of a file at the instance of running the command. It won't continuously tail the file with new output, even if the original file is being populated while you are tailing it. But I may be wrong.

Tux,

jrdioko 02-16-2006 11:19 AM
Ah, I see what you're saying. Take a look at the difference between "tail" and "tail -f".

tuxrules 02-16-2006 12:03 PM
Quote:
Originally Posted by jrdioko
Ah, I see what you're saying. Take a look at the difference between "tail" and "tail -f".
Just goes to show how closely I should read the man pages...:D.

Tux,


All times are GMT -5. The time now is 08:16 AM.