monitor syslog and print line without `pattern`
I would like to monitor my /var/log/syslog continuously. However while monitoring, I would like to avoid certain pattern(s) while monitoring. I am interested only in the last 15 (for example) lines.
For the usual monitoring I use the command:
watch -n 1 tail -n 15 /var/log/syslogWhereas, what I actually would like to have is something like:
watch -n 1 tail -n 15 /var/log/syslog | grep -v -E 'pattern1|pattern2'Being more specific with my requirement:
I would like to continuously monitor entries in the syslog, avoiding certain pattern(s). The screen should get refreshed every fixed period (say 1s or 2s).
Following are more (failed) attempts:
watch cat /var/log/syslog | grep -v -E 'pattern1|pattern2'A (partially) successful attempt:
while true;
do clear; cat /var/log/syslog | grep -v -E 'pattern1|pattern2' | tail -15; sleep 1; echo '\"CTRL-C\" to close';
doneHowever the smoothness of watch is lost here.
Summary
So the question is is there any way to combine watch, tail and grep?
I am using bash 4.4.7 on 17.04.
1 Answer
The issue with your watch -n 1 tail -n 15 /var/log/syslog | grep -v -E 'pattern1|pattern2', I think, is that it runs tail -n 15 /var/log/syslog inside watch, then pipes the result to grep. That almost certainly causes the intermediate output to be buffered in such a way that you don't see what you expect (at least, not when you expect it).
There's probably a way to achieve what you want with clever use of stdbuf and/or the --line-buffered grep option, however a simpler way is to run the whole pipeline inside watch:
watch -n 1 'tail -n 15 /var/log/syslog | grep -v -E "pattern1|pattern2"'
