Nifty Log Watching Command

Have you ever wanted to watch all the logs in /var/log and sub-directories on your Linux box? Well, I have, and normally I just use tail -f *.log, but that doesn’t work because some log files don’t end in “.log”. Furthermore, you can’t use tail -f * because some of the files can contain non-printable binary data (like .gz files), which would mess up your terminal. So, I whipped out this little command today to find all the text files in /var/log (and sub-directories too) and run tail -f on them:

find /var/log | xargs file | grep text | cut -f 1 -d : | xargs tail -F

When just about anything happens on your Linux box, you’ll see it in near real time with this bad boy. Oh, and you’ll probably need to run it as root or at least use sudo.

Edit: I used tail -F instead of tail -f so tail will notice if the log file gets rotated out from under us (thanks Byron).

Enjoy!

3 comments to “Nifty Log Watching Command”

You can leave a reply or Trackback this post.
  1. http://Byron%20Clark says: -#1

    You may want to change the ‘tail -f’ to ‘tail -F’ so that you’ll still follow a log file if it is rotated.

  2. http://Harley%20Pig says: -#1

    There is an app called mtail which does effectively the same thing. One improvement over your example is that you can use multiple directories:

    mtail /var/log/* /var/spool/mail/harleypig /home/harleypig/log/*

  3. Seems like mtail doesn’t recurse through sub-directories to find log files like my command does, nor is it available in Debian stable’s repository (looks like Gentoo has it though).

    Also, my example *can* do multiple directories. Just toss them in after the “find” command, like this:

    find /var/log /var/spool/mail /home/user/log | xargs file | grep text | cut -f 1 -d : | xargs tail -F

    Also, what does mtail do if you accidentally feed it a .gz file like your command above did? (e.g., /var/log/foo.log.1.gz) Does it spew binary characters all over your terminal like the normal tail command does?

    –Dave