Watch my tails

When in charge of server monitoring, one has to pay great attention on server’s log files. Be them web logs, mail logs or other application’s logs, sometimes they offer us too much information, either to help locating the origin of a certain problem or to confuse by displaying many messages, informational but useless!

Monitoring log files in real time is very easy by using the tail command in its follow (“-f”) mode. For example:

tail -f /var/log/syslog

will show on screen every line that appears at the end of the syslog. Additionally, filtering any undesired lines will require the use of a grep filter, like:

tail -f /var/log/syslog | grep -v -i “smtp”

But what if you want to watch more than one log file or if you want to highlight certain parts, such as IP addresses or error codes?

Multitail to the rescue!
Multitail is very versatile and highly configurable utility. It can monitor many log files in parallel, either in a window of their own or in a single one by merging them. It can also display the (differential or not) output of other commands, such as “ping -c 1” or “ls /tmp” and, of course, it can colorize or filter certain fields or lines the way we want.

When I discovered (via DebianPackageADay), installed and run it, I felt very happy because I could have all the running information I needed in just one window and the more useful bits of it highlighted and easily spotted!

A very nice work indeed!

Visit The Light of the LAMP blog for more…