How to parse and read XML log files CLI Linux

How to parse and read XML log files in CLI Linux – multiple files with multiple tags.

Applications can log in XML format, and you might need to read those log files.
These files can later be processed by a log aggregator application.

A simple command to monitor the latest entries in your logs across multiple files.
You can use tail -f to follow the files and pass it the output of ls -t, which sorts by date/time; head -10 limits the file count to the last 10 files.
This is possible by using the | pipe character to pass the result from one tool to the next in the pipeline.
Then awk will print the part of the log entry you want. You can change the field it prints: $0 is the whole line, and $1, $2 and so on are the individual fields.
Awk is a programming language that can be used easily in the CLI, as you see below.
The awk -F parameter changes the default awk field separator or column delimiter, space, to the one you specify here.
Because the files are XML audit files, the delimiter regular expression <[^<]+?> will match XML elements like
This can be split in 3 parts, <[^<]+?>
< = starts with an opening angle bracket <
[^<] = any character that is not another <
+? = one or more of those characters
> = must end with a closing angle bracket >

Script

tail -f `ls -1t /var/log/somepath/logfile_id_*.xml | head -10` | awk -F "<[^<]+?>" '{print $0}'
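The field splitting described above, as an added example that is not part of the original post: it prints only the non-empty text fields of each line and strips control characters, so escape sequences embedded in log values never reach the terminal. It uses the delimiter <[^<>]*> instead of the post's <[^<]+?>, an assumption made here because POSIX extended regular expressions, which awk uses, do not define the lazy +? quantifier; the function names, tag names and sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Tag names and sample
# log lines are constructed for illustration.

# xml_fields: read XML log lines on stdin and print the non-empty text
# between tags, tab-separated, one output line per input line.
# Delimiter <[^<>]*> is an assumption: a portable stand-in for <[^<]+?>.
xml_fields() {
    awk -F '<[^<>]*>' '
    {
        # Remove control characters first (ESC, CR, ...). Changing $0
        # makes awk split the fields again on the cleaned line.
        gsub(/[[:cntrl:]]/, "")
        out = ""
        for (i = 1; i <= NF; i++) {
            f = $i
            gsub(/^ +| +$/, "", f)      # trim spaces around the value
            if (f == "") continue        # $1 is empty when a line starts with a tag
            out = (out == "" ? f : out "\t" f)
        }
        if (out != "") print out         # skip lines that hold only tags
    }'
}

# sample_log: constructed audit entries, one element per line.
sample_log() {
    cat <<'EOF'
<entry><time>2024-01-01T10:00:00Z</time><user>alice</user><action>login</action></entry>
<entry><time>2024-01-01T10:00:05Z</time><user>bob</user><action>read file</action></entry>
<entry>
EOF
}

# Demo run on the constructed sample.
sample_log | xml_fields
```

To use it on live files, put xml_fields in place of the awk stage of the script above.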

