You want to monitor your log files but you don’t want to spend alot of money on expensive commercial packages. Fortunately for you, Linux has a grizzled veteran to help out.

The tail command, on its own, has its uses. To me, however, it is pretty useless. It is designed to read the last specified number of lines of a file and, by default, display them to the stdout.

The way this works is tail determines the end of the file based on the EOF special character at the end of all files. However, there is a nifty argument that essentially truncates the EOF character so tail never see it. The result? A virtual realtime log monitoring tool.

Try it. Say your apache logs are kept in /etc/httpd/logs/access_log. Issue this command to the commandline as a privileged user:

tail -f /etc/httpd/logs/access_log

Bam! You’ve rolled your own realtime monitoring.