I would like to monitor my /var/log/syslog continuously. However while monitoring, I would like to avoid certain pattern(s) while monitoring. I am interested only in the last 15 (for example) lines.
For the usual monitoring I use the command:
watch -n 1 tail -n 15 /var/log/syslog
Whereas, what I actually would like to have is something like:
watch -n 1 tail -n 15 /var/log/syslog | grep -v -E 'pattern1|pattern2'
Being more specific with my requirement:
I would like to continuously monitor entries in the syslog, avoiding certain pattern(s). The screen should get refreshed every fixed period (say 1s or 2s).
Following are more (failed) attempts:
watch cat /var/log/syslog | grep -v -E 'pattern1|pattern2'
A (partially) successful attempt:
while true;
do
clear;
cat /var/log/syslog | grep -v -E 'pattern1|pattern2' | tail -15;
sleep 1;
echo '\"CTRL-C\" to close';
done
However the smoothness of watch is lost here.
Summary
So the question is is there any way to combine watch, tail and grep?
I am using bash 4.4.7 on 17.04.
Best Answer
The issue with your
watch -n 1 tail -n 15 /var/log/syslog | grep -v -E 'pattern1|pattern2', I think, is that it runstail -n 15 /var/log/sysloginsidewatch, then pipes the result togrep. That almost certainly causes the intermediate output to be buffered in such a way that you don't see what you expect (at least, not when you expect it).There's probably a way to achieve what you want with clever use of
stdbufand/or the--line-bufferedgrep option, however a simpler way is to run the whole pipeline insidewatch: