1. 首页
  2. 问题
  3. 检测日志文件旋转(在监视日志文件进行修改的同时)
小编典典

检测日志文件旋转(在监视日志文件进行修改的同时)

linux

我使用以下代码跟踪ssh登录:

def follow(thefile):
  thefile.seek(0,2)
  while True:
    line = thefile.readline()
    if not line:
      time.sleep(0.1)
      continue
    yield line

if __name__ == '__main__':
  logfile = open('/var/log/auth.log', 'r')
  loglines = follow(logfile)
  for line in loglines:
    print 'do something here'

我注意到该脚本在几天后突然停止工作。我没有任何错误,它不会终止,只会停止工作,好像readline()永远不会返回。

所以我执行了a echo 'test' >> auth.log.1,这的确最终被脚本处理了,因为前一段时间auth.log将其重命名为auth.log.1

如何跟踪这种日志轮换的时间并进行相应调整?


阅读 302

收藏
2020-06-03

共1个答案

小编典典

使用e4c5的答案,我得到了这段代码,该代码还解决了readline()每秒调用多次的问题。

在第一次调用期间,它会跳到文件末尾并等待修改。移动文件后,它将重新打开文件并读取全部内容,然后开始等待。

import os
import time
import traceback
import threading
import inotify.adapters

logfile = b'/var/log/auth.log'
#logfile = b'logfile.log'

##################################################################

def process(line, history=False):
  if history:
    print '=', line.strip('\n')
  else:
    print '>', line.strip('\n')

##################################################################

from_beginning = False
notifier = inotify.adapters.Inotify()
while True:
  try:
    #------------------------- check
    if not os.path.exists(logfile):
      print 'logfile does not exist'
      time.sleep(1)
      continue
    print 'opening and starting to watch', logfile
    #------------------------- open
    file = open(logfile, 'r')
    if from_beginning:
      for line in file.readlines():
        process(line, history=True)
    else:
      file.seek(0,2)
      from_beginning = True
    #------------------------- watch
    notifier.add_watch(logfile)
    try:
      for event in notifier.event_gen():
        if event is not None:
          (header, type_names, watch_path, filename) = event
          if set(type_names) & set(['IN_MOVE_SELF']): # moved
            print 'logfile moved'
            notifier.remove_watch(logfile)
            file.close()
            time.sleep(1)
            break
          elif set(type_names) & set(['IN_MODIFY']): # modified
            for line in file.readlines():
              process(line, history=False)
    except (KeyboardInterrupt, SystemExit):
      raise
    except:
      notifier.remove_watch(logfile)
      file.close()
      time.sleep(1)
    #-------------------------
  except (KeyboardInterrupt, SystemExit):
    break
  except inotify.calls.InotifyError:
    time.sleep(1)
  except IOError:
    time.sleep(1)
  except:
    traceback.print_exc()
    time.sleep(1)

##################################################################
2020-06-03