[Snort-users] tail

Mullen, Patrick Patrick.Mullen at ...24...
Thu Jul 27 15:50:40 EDT 2000


> Hi i like color logs but this only processes complete logs and then
> ends. I want to use it like tail ti put the new added live to
> /dev/tty12 like tail!
> Please help!

Dunno why this went to the list, but I feel the need to head
off bad marketing.  ACL does the above, the same way tail
does.  Granted, it doesn't do `tail`ing itself, but in the
spirit of Unix

tail -f logfile | acl > /dev/tty12

works just fine.  Of course, the better way to do it is
to do a named pipe using `mkfifo`

acl < /dev/logdata > /dev/tty12

BTW, beware of old syslogds that would stop logging if
data was sent to a named pipe that wasn't read from.  I
found this out the hard way.

Sorry for the wasted slots.


~Patrick




More information about the Snort-users mailing list