comment on

In order to avoid repeating old alerts you tell how far you have read the file and keep that as a reference so that every time you read the file you can seek to the last position and avoid reading of old lines. This way you can also avoid storing huge amount of lines in the memory as you only read the latest additions. Of course you have to be aware that most of the logs are rotated sometimes so you need to reset the file pointer occasionally. You can use stat to find out when the file has changed (the file size usually shrinks when it is rotated).

And you really should sleep at least for a second to avoid busy loops and to allow Ctrl-C to arrive faster.

What if the log has 5000 new lines since the last time you read it? Do you fill the screen with 5000 alerts?

--
seek $her, $from, $everywhere if exists $true{love};

In reply to Re: read from network security log file and display lines as alert boxes by puudeli
in thread read from network security log file and display lines as alert boxes by whistler

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.