Processing input files - urbanware-org/salomon GitHub Wiki
Processing input files
Table of contents
- Relevant keystrokes
- Monitoring files
- Analyzing files
- Multiple input files
- Merging multiple input files
Relevant keystrokes
The Salomon process (no matter if monitoring or analyzing) can be canceled at any time by pressing the universal and well-known Ctrl+C keystroke.
By pressing Ctrl+S the output freezes until defreezing it again using Ctrl+Q.
Monitoring files
This feature uses the follow mode of the tail utility to return the lines of the file and colorizes the output with user-defined colors. The file will be monitored until the user cancels the process.
For example, to monitor the file /var/log/foobar.log using the file foo_colors.cfg to colorize certain lines:
./salomon.sh -a monitor -i /var/log/foobar.log -c foo_colors.cfg
Alternatively, you can also give the --monitor command-line argument instead of -a monitor.
Analyzing files
Instead of monitoring a file, it is also possible to analyze it. This will simply return its lines and colorize certain of them, then exit.
For example, to analyze the file /var/log/foobar.log using the file foo_colors.cfg to colorize certain lines:
./salomon.sh -a analyze -i /var/log/foobar.log -c foo_colors.cfg
Alternatively, you can also give the --analyze command-line argument instead of -a analyze.
Multiple input files
You can also provide multiple (two or more) input files at once.
When monitoring multiple files a separator will be displayed that shows to which file a new line was last added and when analyzing they will simply be processed one by another.
For example, to monitor the files /var/log/foo.log and /var/log/bar.log using the file foo_colors.cfg to colorize certain lines:
./salomon.sh -a monitor -i /var/log/foo.log -i /var/log/bar.log -c foo_colors.cfg
Notice that the argument -i is required for each input file given.
Merging multiple input files
This feature is primarily intended for analyzing multiple files.
Usually the files are processed one after another by default. However, in some cases it is useful to be able to merge several log files of the same type (e.g. mail logs) into one, especially when working with timestamps.
This can simply be done using the --merge argument. For example:
./salomon.sh -a monitor -i /var/log/maillog_1.log -i /var/log/maillog_2.log -i /var/log/maillog_3.log -c foo_colors.cfg --merge
When using --merge with monitoring mode, it simply removes the file separators from the output.