Re: using tail correctly

On Oct 24, 4:37 am, edcrosbys <edcros...@xxxxxxxxx> wrote:
Can you provide an example of the wap.log (a few lines would do
fine)?

mmccaws2 wrote:
Hi

I need to capture when devices come available, and they when they do
come available, they're only available for 15 to 20 minutes at a
time. The devices 'presence' is monitored/detected through syslog
entries from a WAP. So, what I am trying to do is capture the
information coming into syslog using

tail -f wap.log | grep -i wap >> wap.log

This is in a loop that sleeps every 2 minutes then kills the tail
process. moves wap.log to wap.log.1 then removes wap.log then
restarts. I don't see much activity. So my concern is this. Does
tail require a certain amount of buffer in order to write to grep or
file? If so, how do I adjust this so that I don't miss information
because it was in the buffer when the tail process is killed?

any examples?

Thanks

Mike
while :
do
sudo tail -f /syslog/wap.log | grep -i wap >> /home/wapmon/
wgb.log &

sleep 120

sudo kill `cat tailpid.txt`

rm tailpid.txt
test -f wgb.log && mv wgb.log wgb.log.1
cp /dev/null wgb.log
chmod 755 wgb.log
done

Oct 23 19:23:58 6R:air2southbase 93784: Oct 23 19:23:58.240 PST:
%DOT11-6-ASSOC: Interface Dot11Radio0, Stati on KCM-000-WAP-110
0019.2f99.4236 Associated KEY_MGMT[NONE]
Oct 23 19:24:04 6R:air2southbase 93799: Oct 23 19:24:03.115 PST:
%DOT11-6-ASSOC: Interface Dot11Radio0, Stati on KCM-000-WAP-111
0019.2f99.422e Associated KEY_MGMT[NONE]
Oct 23 19:24:05 6R:air2southbase 93801: Oct 23 19:24:04.285 PST:
%DOT11-6-ASSOC: Interface Dot11Radio0, Stati on KCM-000-WAP-118
0019.56e7.9f04 Associated KEY_MGMT[NONE]

I noticed that all the files are multiples of 8192 and the last line
doesn't have the" Associated Key_MGMT[NONE]". At the end. So could
that be syslog function or the tail function doing this. I can't
imagine it being the syslog. That's a gut feeling sort of statement.
No first hand experience backing that statement.

Thanks for getting back.

Mike

.

Relevant Pages

  • Re: using tail correctly
    ... I need to capture when devices come available, ... The devices 'presence' is monitored/detected through syslog ... This is in a loop that sleeps every 2 minutes then kills the tail ... because it was in the buffer when the tail process is killed? ...
    (comp.sys.hp.hpux)
  • Re: syslog server- how to on Linux
    ... show entries at the beginning of the file ... # tail -f /var/log/messages ... I need information on how I view or set up syslog on a Linux platform ...
    (Security-Basics)
  • Re: using tail correctly
    ... It is very likely that stdio buffering is involved. ... that be syslog function or the tail function doing this. ... If it did, and you watched it with 'tail -f', there would be no ... In order to understand recursion you must first understand recursion. ...
    (comp.sys.hp.hpux)
  • logger, tail and syslog
    ... I have a radius server and since radius logs to it's own radius.log ... I want my logs all in a central place - my syslog servers. ... just scp the log file to the syslog server every day. ... Tail the log every 5-10 minutes for the new entries and send ...
    (comp.os.linux)
  • Re: using tail correctly
    ... that be syslog function or the tail function doing this. ... meet the reg ex filter, ...
    (comp.sys.hp.hpux)