Tailing logs

[Paul Chvostek]

On Fri, Aug 22, 2008 at 10:28:33AM -0400, DAve wrote:
>
> I would love to have a way to tail a log, like piping to grep, except I
> see every line and the lines I would normally grep for are highlighted.
> That would be cool. Anyone know of a bash command or tool that will do this?

I use tcsh as my shell.  The following alias works nicely for me in
xterm, but would have to be adjusted for anything else:

  alias highlight 'sed -E '\''s/\!:*/^[[1m&^[[0m/g'\'''

Replace "^[" with an escape character, twice.  Put it in your .tcshrc if
you like.  YMMV.

> Side note, I am tailing sendmail after changes to my outbound queue
> runners. I want to highlight my sm-mta-out lines but still see all lines.

Right, I do very similar stuff.  You'd use this like:

  tail -F /var/log/maillog | highlight .*sm-mta-out.*

Quotes seem to confound this alias.  I haven't bothered to fix that; as
long as what you're searching for doesn't glob a file, you should be
fine without quotes.

You can also do more complex things in either sed or awk, colour-coding
individual pattern matches.  Here's one in awk that I use to highlight
the activity of milter-greylist:

  #!/usr/bin/awk -f
  BEGIN {
    red="^[[31m";     green="^[[32m";
    yellow="^[[33m";  blue="^[[34m";
    norm="^[[0m";
    fmt="%s%s%s\n";
  }
  /autowhitelisted/ { printf(fmt, green, $0, norm); next; }
  /delayed for/ { printf(fmt, yellow, $0, norm); next; }
  # /skipping greylist/ { printf(fmt, blue, $0, norm); next; }
  { print; }

Same deal with the "^[".

Enjoy.

p

-- 
  Paul Chvostek                                             <paul at it.ca>
  it.canada                                            http://www.it.ca/