Linux - Script for Squid and Apache Real Time Logging (Server Monitoring)

As default squid and Apache put the log file in it's logs folder and we can see activity log using any Linux text editor. Tail are one of Linux utility for reading text or log file in real time. Tail is a program on Unix and Unix-like systems used to display the last few lines of a text file or piped data. But some time information on log files are to confusing us as they providing many activity information on logged.


Another tool for helping us reading the log files is AWK, The AWK language is useful for manipulation of data files, text retrieval and processing, and for prototyping and experimenting with algorithms.


Using this tool (combining) will make logs information more specific depend on option gives.

Example command:
[root@linux ~]#tail -f /var/log/squid/access.log | awk '{print$3 " " $8 " " $4 " " $6 " " $8 " " $9 " " $7}'
Where number showed on awk option are number of log information per line splited by space.

This tail can be either to show Apache access log information, the same method can be used here but information on Apache logs are different form squid log information and you have to change the awk option to make the information look informative.

I think this command doesn't look difficult, all you have to do is view the log file using tail and select the information you want to see using awk.

Now let's write this command into a bash file, so we can execute it later in sort command.

script:

#!/bin/sh

# Define some variables#
TAIL="/usr/bin/tail -f"
LOG="/var/log/squid/access.log"

#Let's do it#
$TAIL $LOG | awk '{print$3 " " $8 " " $4 " " $6 " " $8 " " $9 " " $7}'

#DONE
Save this script into /usr/local/bin/squidlog
and give it an execution right

[root@linux ~]#chmod u+x /usr/local/bin/squidlog
Now we can view squid logs by just only type "squidlog" on bash shell and you'll see the log.

Do a little modification in LOG and awk option for Apache logging,

LOG="/var/log/whereis/your/apache/access_log"
and save it to /usr/local/bin/apachelog and do a chmod u+x to the apachelog file so the file can be execute.

Now by typing apachelog on bash shell you can see the logs of Apache in a real-time.

Links:
http://en.wikipedia.org/wiki/Tail_%28Unix%29
http://unixhelp.ed.ac.uk/CGI/man-cgi?awk