0

I am trying to monitor a log using tail -f command and when ever I come across two different words in different lines on same log, need to capture those and send a email notification:

For example: cat example.txt:

<event> 12345 </event>
<Description> Exception on file transfer for user ABC </Description>

I need to monitor for event '12345' having 'Exception' for user 'ABC'.

When I do tail -F example.txt | egrep "12345|Exception|ABC" This command prints if it sees any one of Grep keyword. Instead it needs to print only if it comes across all keywords in grep.

jww
  • 97,681
  • 90
  • 411
  • 885
Anvesh
  • 11
  • 3
  • 3
    Possible duplicate of [How to find patterns across multiple lines using grep?](https://stackoverflow.com/questions/2686147/how-to-find-patterns-across-multiple-lines-using-grep) – Marcus Mar 15 '19 at 19:45
  • Also see [How to use grep to match string1 AND string2?](https://stackoverflow.com/q/4487328/608639) and [How to grep for two words existing on the same line?](https://stackoverflow.com/q/6480687/608639) – jww Mar 15 '19 at 20:22

1 Answers1

1

try

tail -f example.txt | egrep --line-buffered  "Exception.*ABC" -B 1 | egrep -v Description
  • "Exception.*ABC" search for lines having Exception AND ABC
  • "-B 1" is to have previous line (the event)
  • "--line-buffered" is to turn grep buffering mode (else the second egrep won't process)
  • "| egrep -v Description" finally removes the Description line (since you just want the event)

you will end up having

    <event> 12345 </event>

Play with each parameter to see the difference

regards

altagir
  • 640
  • 8
  • 18