Logfiles can often contain information that is not immediately helpful while diagnosing a problem. For example, we may be only interested in finding what files are being currently requested via the apache log files. A typical log line would look like this:
1.2.3.4 - - [16/May/2007:07:49:50 -0700] "GET /index.php?main_page=product_info&manufacturers_id=6481&products_id=107321 HTTP/1.1" 200 5614 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "-"
Counting the elements in this line separated by spaces, we identify that the elements of the log line are:
If we are only interested in the 7th item in the line, the request, we can use awk and tail together to view only those items in the logfile:
tail -f apache.log | awk '{print $7}';
The output for the line above would be:
/index.php?main_page=product_info&manufacturers_id=6481&products_id=107321
To view multiple items from a file, for example, the status code and request, separate the variables with a comma:
tail -f apache.log | awk '{print $9, $7}'
The output with the status code:
200 /index.php?main_page=product_info&manufacturers_id=6481&products_id=107321