Maintain a "tail -f" on rotating log files


DranoK
06-06-2007, 04:24 PM
Prerequisites:

o GNU tail
o Familiarity with the bash shell
o Familiarity with the tail command
o Beginner's knowledge of what a file descriptor is


Running tail -f /path/to/somefile.log is one of the first commands a beginner learns. Aside from use on the command line, tail can be used in scripts as well.

Most log files rotate at some point or another (that is, they're renamed), and a new file starts being logged to. This is a problem since tail will follow the file even through a rename. This is because by default tail follows the descriptor, which doesn't actually change when the file gets moved.

Say you're tailing /var/log/messages. This file gets rotated to /var/log/messages.1 and a new /var/log/messages is created. By default your tail will still be following the descriptor for /var/log/messages.1, which probably isn't what you want.

To change this you need to make tail follow the name of the file rather than the file's descriptor. This can be done with:

Listing 1: Tail by name
    tail --follow=name /var/log/messages

The normal "tail -f" is equivalent to:

Listing 2: Tail by descriptor (aka, tail -f)
    tail --follow=descriptor /var/log/messages

This is a good start, but there's one additional problem. Normally, if a file becomes inaccessible for even a short period of time tail will quit. This is a problem, since there will almost certainly be a delay between when the existing /var/log/messages is moved to /var/log/messages.1 and the new /var/log/messages is created.

To overcome this problem we can use the "--retry" option:

Listing 3: Tail retry option
    tail --retry --follow=name /var/log/messages

This is a bit bulky, so luckily GNU tail gives us a single flag to use instead, "-F". The "-F" flag is an alias for "--retry --follow=name":

Listing 4: Final, simplified command to tail by name
    tail -F /var/log/messages

Easy as that ;)

Listing 5: Relevant section from the tail man page
    --retry
           keep trying to open a file even if it is inaccessible when tail
           starts or if it becomes inaccessible later -- useful only with -f

    -f, --follow[={name|descriptor}]
           output appended data as the file grows; -f, --follow, and
           --follow=descriptor are equivalent

    -F     same as --follow=name --retry
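
The behaviour described in the post above can be checked without touching /var/log. This is an added example, not part of the original post: it runs "tail -f" and "tail -F" side by side on a constructed temp log, simulates a rotation, and reports which follower saw the line written to the new file. The function name rotation_demo, the file names and the sample log lines are assumptions made for the demo; GNU tail is required.

```bash
#!/usr/bin/env bash
# Added demo: compare tail -f (follow descriptor) with tail -F (follow name
# plus --retry) across a simulated log rotation. All paths are constructed
# temp files; nothing under /var/log is read or modified.

rotation_demo() {
    local dir log pid_f pid_F f_seen F_seen
    dir=$(mktemp -d) || return 1
    log="$dir/app.log"
    echo "before-rotation" > "$log"

    # -n +1 prints from the first line so both followers start identically.
    tail -n +1 -f "$log" > "$dir/by_descriptor.out" 2>/dev/null &
    pid_f=$!
    tail -n +1 -F "$log" > "$dir/by_name.out" 2>/dev/null &
    pid_F=$!
    sleep 1

    # Simulate the rotation: rename the live file, leave a gap in which the
    # name does not exist (the case --retry covers), then create a new file.
    mv "$log" "$log.1"
    sleep 1
    echo "after-rotation" > "$log"
    sleep 2

    kill "$pid_f" "$pid_F" 2>/dev/null || true
    wait "$pid_f" "$pid_F" 2>/dev/null || true

    # Did each follower capture the line written after the rotation?
    f_seen=no
    F_seen=no
    grep -q "after-rotation" "$dir/by_descriptor.out" && f_seen=yes
    grep -q "after-rotation" "$dir/by_name.out" && F_seen=yes

    rm -rf "$dir"
    echo "tail-f=$f_seen tail-F=$F_seen"
}
```

Call rotation_demo after sourcing the file. A script that feeds a monitor from "tail -f" goes silent after the rotation in the same way the descriptor follower does here.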

Mark
08-22-2008, 01:52 AM
Thanks DG, I scanned the man pages for something like that, but it didn't jump out at me. You were the first Google result. Keep up the fine work :)