Re: Monitor log file thru shell script

From: Dan Norris <>
Date: Tue, 08 Jul 2008 15:10:41 -0600
Message-ID: <>


I don't think you'll be able to do this since the mail command won't
ever send the message until its STDIN is closed. Since you're using
tail -f, the STDIN for the mail command will never be closed and you'll
never get a message.

When I've done similar things in the past, specifically for the alert log, I've done something like:
1. mv alert.log alert.log.YYYYMMDDHH24MM
2. grep "whatever error strings"  alert.log.YYYYMMDDHH24MM | mail ...
3. find alert.log.* -mtime +10 | xargs rm

and re-run that every process at regular intervals (daily, hourly, whatever).

For other logfiles that aren't easily "rolled" like that, you may need to find a way to close them to rotate them and/or include the rotation process in the same script where you check the contents for errors.

I'm sure there are more elegant solutions, but this (or something like it) has worked well for me in the past.


Shivaswamy / ಶಿವಸ್ವಾಮಿ wrote:

I am attempting to look for a pattern in the continuously growing log file and mail me if match is found. (on Linux). But I am having problem.
This is the part of the shell script
export err1=down
tail -f testlogfile  | egrep -n  "${err1}" |  mail -s "Found warning"
As you see I am using tail -f and egrep. When I run only  tail -f & egrep part on the prompt on my testlogfile, I am able to see the output from egrep.
But when I pipe it to mail, and run it on nohup on a shell script, nothing happens. I can see that mail process is in T state, meaning it is stopped.
If I kill my shell script running in the background, I get the email notification, as expected.
What happens here? How I can get the notification, without killing the process?
If you could please help, I appreciate it.
-- Received on Tue Jul 08 2008 - 16:10:41 CDT

Original text of this message