On Sunday 26 July 2009 21:20:23 Modulok wrote:
One would think that ISO 8601 date strings would make more sense, in
addition not being language dependent. But I guess that's out.
It isn't too hard to convert on the fly. The real problem is that syslog
dates do not contain a year and timezone. The taillog program below sig
therefore may lie about the generated date. Most notably a year is
non-optional in ISO 8601.
Anyway, taillog is basically tail(1), except it shows the following:
% sudo taillog -2 /var/log/cron
2009-07-27 00:11:00-0800 smoochies /usr/sbin/cron[25808]: (operator) CMD
(/usr/libexec/save-entropy)
2009-07-27 00:15:00-0800 smoochies /usr/sbin/cron[25834]: (root) CMD
(/usr/libexec/atrun)
--
Mel
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering sh file. Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# taillog/BSDmakefile
# taillog/taillog.c
#
echo x - taillog/BSDmakefile
sed 's/^X//' taillog/BSDmakefile 'f307a85b0a9ff60c11589de765a71b95'
X# $Coar: utils/taillog/BSDmakefile,v 1.1 2009/07/27 07:58:48 mel Exp $
XPROG=taillog
XNO_MAN=yes
X
X.include bsd.prog.mk
f307a85b0a9ff60c11589de765a71b95
echo x - taillog/taillog.c
sed 's/^X//' taillog/taillog.c '4c238c819ad69dd9d8586db323e29997'
X/*
X * vim: ts=4 sw=4 fdm=marker tw=78 ai noet
X * Copyright (c) 2009 Mel Flynn
X * All rights reserved.
X *
X * Redistribution and use in source and binary forms, with or without
X * modification, are permitted provided that the following conditions
X * are met:
X * 1. Redistributions of source code must retain the above copyright
X *notice, this list of conditions and the following disclaimer.
X * 2. Redistributions in binary form must reproduce the above copyright
X *notice, this list of conditions and the following disclaimer in the
X *documentation and/or other materials provided with the distribution.
X *
X * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
X * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
X * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
X * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
X * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
X * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
X * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
X * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
X * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
X * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
X * SUCH DAMAGE.
X *
X * Taillog: tail(1) helper that converts syslog date format to ISO-8601.
X */
X#include sys/cdefs.h
X__FBSDID($Coar: utils/taillog/taillog.c,v 1.1 2009/07/27 07:58:48 mel Exp $);
X
X#include sys/types.h
X#include sys/param.h
X#include sys/resource.h
X#include sys/time.h
X#include sys/wait.h
X
X#include stdio.h
X#include unistd.h
X#include string.h
X#include time.h
X
X#include sysexits.h
X#include err.h
X
X#define TAIL /usr/bin/tail
X
Xstatic inline void init_tp(const struct tm *now, struct tm *tp);
X
Xint main(int argc, char **argv)
X{
X pid_t pid;
X int fildes[2], res;
X struct tm *now;
X time_t clock;
X
X tzset();
X clock = time(NULL);
X now = localtime(clock);
X
X res = pipe(fildes);
X if( (pid = fork()) == 0 ) /* Child */
X {
X close(fildes[0]);
X if( dup2(fildes[1], STDOUT_FILENO) 0 )
X err(EX_OSERR, dup2());
X argv[0] = strdup(TAIL);
X if( (res = execv(TAIL, argv)) 0 )
X err(EX_OSERR, Failed to run tail);
X }
X else if( pid 0 ) /* Parent */
X {
X char buf[BUFSIZ];
X FILE *in;
X
X close(fildes[1]);
X if( (in = fdopen(fildes[0], r)) == NULL )
X err(EX_OSERR, fdopen());
X
X while( fgets(buf, BUFSIZ, in) != NULL )
X {
X struct tm tp;
X size_t len = strlen(buf);
X char *ptr, tbuf[32];
X
X init_tp(now, tp);
X ptr = strptime(buf, %b %e %T, tp);
X if( ptr == NULL )
X {
X warnx(Line does not start with syslog date);
X printf(%s, buf);
X }
X else
X {
X if( strftime(tbuf, sizeof(tbuf), %Y-%m-%d
%H:%M:%S%z, tp) == 0 )
X err(EX_SOFTWARE, Can't convert time);
X res = printf(%s%s, tbuf, ptr);
X
