Log file analyzer


#1

I want to analyze a log file using ruby. What is
the most Ruby-like method to check the file for new
entries (they will be appended to the file) and
then get those new entries into the system?

I have a feeling that this should be rather simple,
but I can’t think of an elegant way.

Thanks,

Michael


#2

Michael U. wrote:

I want to analyze a log file using ruby. What is
the most Ruby-like method to check the file for new
entries (they will be appended to the file) and
then get those new entries into the system?

I have a feeling that this should be rather simple,
but I can’t think of an elegant way.

If data is appended to a single file all the time remember the last seek
position and compare file size with this seek offset. If file size
increased there is new data.

robert

#3

Michael U. wrote:

I want to analyze a log file using ruby. What is
the most Ruby-like method to check the file for new
entries (they will be appended to the file) and
then get those new entries into the system?

I have a feeling that this should be rather simple,
but I can’t think of an elegant way.

The grandrapids.rb is working on Logz, a web application built with ruby
on rails which allows you
to track, annotate, and follow a log analysts workflow. Some proof of
concept code was released on
their web site (http://www.gr-ruby.org/wiki). It is in the works right
now, but it will allow you
track multiple types of logs from multiple systems from within Logz, and
it is easily extendable by
the user to add their own custom log files. If something like this
interests you, please let the
group know by responding to this thread or joining their mailing list
and hollaring at them.

Zach


#4

Michael U. wrote:

Michael


Michael U.
R&D Team
ISIS Information Systems Austria
tel: +43 2236 27551-219, fax: +43 2236 21081
e-mail: removed_email_address@domain.invalid
Visit our Website: www.isis-papyrus.com

Comment, since I don’t have an answer for you: this is very
O/S-specific, esp win32. (also helps to mention which ruby release
you’re using, and how you installed it) In general (non-win32), you
could probably combine combine code that watches directories for
changes, either by storing mtimes in a dict, or by fcntl, with a
tail-type utility.