0

I'm wanting to constantly monitor syslog and perform some computations after a regex pattern appears, and use the grep output in the command, as well as continue to monitor for new matching lines. The best way I can think to accomplish this is using tail -f and piping this output to grep. The only issue is I don't know of a way to run a new command based off each new line of output and continue until termination.

Any ideas on what I could use here?

john doe
  • 746
  • 1
  • 12
  • 27

1 Answers1

3

What you want is piping it to a while read. Quick example for just counting occurrences:

#!/bin/bash
a=0
tail -f input.txt | grep 'pattern' | while read line ; do
    a=$((a+1))
    echo -e "found match in $line , occurrence no. $a"
done

Tried with dd if=/dev/random of=file as reference. Assumption is that you only need 'pattern' as trigger and not the previous lines.

ilkkachu
  • 133,243
  • 15
  • 236
  • 397
FelixJN
  • 12,616
  • 2
  • 27
  • 48
  • 6
    Note that you need to somehow make `grep` not buffer its output, otherwise the script will only see anything after some 4 kB or so is matched. With GNU grep, use `grep --line-buffered`, with other tools, perhaps something else. See. [Turn off buffering in pipe](https://unix.stackexchange.com/q/25372/170373). – ilkkachu Jan 27 '21 at 22:55
  • Note that that would stip leading/trailing blanks from each line and interpret all escape sequences so, for example, `foo\tbar` in the input would become `foobar` in the output. Always use `while IFS= read -r line` unless you have a specific **need** not to. – Ed Morton Jan 31 '21 at 19:27