Watch multiple files with Multitail

One of the things that  you do when managing lots of *unix systems, is have the logs scrolling past on the screen. Mostly for single systems and single files you would use tail. For example to watch whats happening in /var/log/messages you would use something like “tail -f /var/log/messages”.

Now take this to the next level, you are managing 30 odd systems and want to see what is happening on each server. The easiest way to do this is to have all your log files aggregated to a central point for monitoring and archiving. Once you do that you will have lots of data flowing up the screen. So you can highlight what is needed, use a tool like multitail.

MultiTail lets you view one or multiple files like the original tail program. The difference is that it creates multiple windows on your console (with ncurses). It can also monitor wildcards: if another file matching the wildcard has a more recent modification date, it will automatically switch to that file. That way you can, for example, monitor a complete directory of files. Merging of 2 or even more logfiles is possible. It can also use colors while displaying the logfiles (through regular expressions), for faster recognition of what is important and what not. It can also filter lines (again with regular expressions). It has interactive menus for editing given regular expressions and deleting and adding windows. One can also have windows with the output of shell scripts and other software. When viewing the output of external software, MultiTail can mimic the functionality of tools like ‘watch’ and such.

Check it out at http://www.vanheusden.com/multitail/

It is available for most distros. Check the download section of the multitail site for a list of available packages.

Darrin

.

Posted by on February 16, 2009 in Brain Purge ..

If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.

Comments are closed.