Logfiles often contain information that is not immediately helpful while diagnosing a problem. For example, we may only be interested in finding which files are currently being requested, according to the Apache log files. A typical log line looks like this:
1.2.3.4 - - [16/May/2007:07:49:50 -0700] "GET /index.php?main_page=product_info&manufacturers_id=6481&products_id=107321 HTTP/1.1" 200 5614 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "-"
Counting the elements in this line separated by spaces, we identify that the elements of the log line are:
If we are only interested in the 7th item in the line, the request, we can use awk and tail together to view only those items in the logfile:
tail -f apache.log | awk '{print $7}'
The output for the line above would be:
/index.php?main_page=product_info&manufacturers_id=6481&products_id=107321
To view multiple items from a file, for example, the status code and request, separate the variables with a comma:
tail -f apache.log | awk '{print $9, $7}'
The output with the status code:
200 /index.php?main_page=product_info&manufacturers_id=6481&products_id=107321
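The same field numbers can also summarize a whole logfile instead of following it live. The following is an added example, not part of the original article: the function name summarize_requests, the sample_log helper and all sample lines after the first are constructed for illustration. It counts requests per status code and path, optionally keeps only lines at or above a given status code, and skips lines where $9 is not a status code (for example a timed-out request logged as "-", which shifts every later field by two).

```shell
#!/bin/sh
# Constructed sample lines in the same format as the log line above.
sample_log() {
cat <<'EOF'
1.2.3.4 - - [16/May/2007:07:49:50 -0700] "GET /index.php?main_page=product_info&manufacturers_id=6481&products_id=107321 HTTP/1.1" 200 5614 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "-"
1.2.3.4 - - [16/May/2007:07:49:52 -0700] "GET /index.php?main_page=index HTTP/1.1" 200 4312 "-" "Mozilla/5.0" "-"
192.0.2.10 - - [16/May/2007:07:49:55 -0700] "GET /admin/login.php HTTP/1.1" 404 210 "-" "curl/7.15" "-"
192.0.2.10 - - [16/May/2007:07:49:56 -0700] "GET /admin/login.php?user=test HTTP/1.1" 404 210 "-" "curl/7.15" "-"
192.0.2.10 - - [16/May/2007:07:49:58 -0700] "POST /index.php HTTP/1.1" 500 530 "-" "curl/7.15" "-"
198.51.100.7 - - [16/May/2007:07:50:03 -0700] "-" 408 0 "-" "-" "-"
EOF
}

# summarize_requests [min_status]
# Reads log lines on stdin and prints "count status path", most frequent first.
# With min_status set, only lines whose status code ($9) is >= that value count.
summarize_requests() {
    awk -v minstatus="${1:-0}" '
        # An empty request line ("-") has one field where a normal request
        # has three, so $9 is no longer the status code: skip those lines.
        $9 !~ /^[0-9][0-9][0-9]$/ { next }
        $9 + 0 >= minstatus {
            path = $7
            sub(/[?].*/, "", path)   # drop the query string so variants group
            count[$9 " " path]++
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

echo "All requests:"
sample_log | summarize_requests
echo "Status 400 and above:"
sample_log | summarize_requests 400
```

To run it against a real file, replace sample_log with the logfile, for example: summarize_requests 400 < apache.log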
Comments
add grep to the situation!
Adding grep to the command would help find specific parameters in the log file too. If you are looking for a specific file being used, grep its name after the tail command,
something like:
tail -f apache.log | grep '/index.php'
The output should be every entry in the log file that contains '/index.php'.
Might be a better idea to write the output to a file for this situation, but you get the idea.
Combining grep and awk could be useful too.