Home / server / Questions / 271800
Accepted
bsdfish
Asked: 2011-05-20 20:39:33 +0800 CST

Watching a file and sending an email when it changes

  • 772

I have a log file that occasionally has critical errors. Each time a critical error occurs, I'd like to have an email sent to myself notifying me of the change. Is there a unix tool / set of unix tools I can adapt for this purpose?

What I thought of doing was 

tail -f logfile | grep CRITICAL > critical.errors
watch tail critical.errors   # And somehow, email on changes.

However, the watch command doesn't take an action. So ... is there something like 'watch' that does. Or perhaps a good existing script that will do this? I can homebrew a bash/python solution, but I'd rather reuse existing tools for cleaner error handling, etc.

email watch

1 Answers

  1. Best Answer

    Try IWatch - it's a perl script based on inotify that does just what you need:

    http://sourceforge.net/projects/iwatch/

    You can also roll your own with inotify-tools, in particular inotifywait. Modifying example #2 from that page (untested):

    #!/bin/sh
file=logfile
cp $file $file.last
while true; do
  EVENT=$(inotifywait --format '%e' $file)
  [ $? != 0 ] && exit
  [ "$EVENT" = "MODIFY" ] && ( diff $file $file.last | mail ... ) && cp $file $file.last
done

    You could also keep a byte/line counter and only mail the new bytes/lines, but using diff is simpler. It could cause performance issues if the file gets big and changes constantly though.

    • 5