OK, the mystery shifts. If I don't setup the "real time" (sub-level child?)
with the '-f' and just do a same level operation such as:
tail -500 /var/log/pfsense | egrep -e '\.25\:' -e '\.465\:' -e '\.587\:' |
grep -v '192\.168\.0\.71'
it works as desired!
Something with the child process of the tail that is continuously reading
the target(s) and feeding them to STDOUT in real time doesn't like that fork
to the 2nd grep. I tried encapsulating the tail in '(' and ')' but no go.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Mark J. Bailey
Sent: Wednesday, February 19, 2014 10:55 AM
To: [email protected]
Subject: RE: [nlug] Weird CentOS 6 Bash/Grep issue
I actually already tried something like that. Like I said, I used multiple
greps and what not before for decades now, so I was sitting there wondering
why I was not seeing any output after a good bit of time, and that was when
I discovered how it was behaving. The tail -f has to be feeding STDOUT, and
what feeds out of egrep should be on STDOUT, so it stands to reason that the
2nd grep would be getting its feed on STDIN. Yet, I get no matches/output at
all no matter what pattern I feed it. And, by the way, this is true for
using egrep or fgrep as the 2nd filter. I wonder if there is some odd
parent/child output stream scope or something being setup by the 'tail -f'
that would be affecting this scenario. Not sure how one could tell.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Steven S. Critchfield
Sent: Wednesday, February 19, 2014 10:32 AM
To: [email protected]
Subject: Re: [nlug] Weird CentOS 6 Bash/Grep issue
> tail -f /var/log/pfsense | egrep -e '\.25\:' -e '\.465\:' -e '\.587\:'
> | grep -v '192\.168\.0\.71'
Just a thought, in the final grep, remove the back slashes, and add -F to
the flags. -F should turn off the regex matching, therefore do simple string
match and not interpret the periods as wild matches.
Of course, the inverted grep you posted there matches every entry in your
example.
--
Steven Critchfield [email protected]
--
--
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To post to this group, send email to [email protected] To
unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nlug-talk?hl=en
---
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
--
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To post to this group, send email to [email protected] To
unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nlug-talk?hl=en
---
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
--
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nlug-talk?hl=en
---
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
