Re: Log file monitoring - retail?

[Antonomasia <ant () notatla demon co uk>]

Carson Gaspar -- carson () cs columbia edu carson () tla org carson () cugc org:

> Once upon a time, I heard of a utility called retail. It was basically
> 'tail -f' that noticed if a new file had replaced the old and
> re-opened it (log file rotation, for example).
> whereabouts, or if something equivilant exists?


MJR, on this list, 24Sep1997  "artificial ignorance: how-to guide".

Among other things he said: 

> Once you've got your pattern file tuned, put it in
> cron or whatever, so it runs often. The TIS Gauntlet
> has a hack I wrote called "retail" which I can't
> unfortunately release the code for, but is easy to
> implement. Basically, it was like tail but it remembered
> the offset in the file from the previous run, and the
> inode of the file (so it'd detect file shifts) - the trick is
> to keep one fd open to the file and seek within it,
> then stat it every so often to see if the file has grown
> or changed inode. If it has, read to EOF, open the new
> file, and start again. That way you can chop the end
> of the log file through a filter every couple seconds
> with minimal expense in CPU and disk I/O.



--
##############################################################
# Antonomasia   ant () notatla demon co uk                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################