惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

K
Kaspersky official blog
Martin Fowler
Martin Fowler
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
V
Visual Studio Blog
博客园_首页
Engineering at Meta
Engineering at Meta
The Cloudflare Blog
MongoDB | Blog
MongoDB | Blog
Blog — PlanetScale
Blog — PlanetScale
T
The Blog of Author Tim Ferriss
雷峰网
雷峰网
D
Docker
博客园 - 司徒正美
S
SegmentFault 最新的问题
M
MIT News - Artificial intelligence
博客园 - 叶小钗
博客园 - 三生石上(FineUI控件)
U
Unit 42
J
Java Code Geeks
A
About on SuperTechFans
N
Netflix TechBlog - Medium
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
S
Security Affairs
I
Intezer
Cisco Talos Blog
Cisco Talos Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
B
Blog RSS Feed
P
Privacy & Cybersecurity Law Blog
T
Tenable Blog
T
Threatpost
H
Hacker News: Front Page
G
Google Developers Blog
博客园 - 【当耐特】
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research
L
Lohrmann on Cybersecurity
大猫的无限游戏
大猫的无限游戏
Google DeepMind News
Google DeepMind News
A
Arctic Wolf
S
Secure Thoughts
GbyAI
GbyAI
NISL@THU
NISL@THU
S
Security @ Cisco Blogs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Webroot Blog
Webroot Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
O
OpenAI News
Spread Privacy
Spread Privacy
Application and Cybersecurity Blog
Application and Cybersecurity Blog

博客园 - 秋忆

跑在Docker下的RHEL7编译Java8源码包 AWS SDK for C++调用第三方S3 API Windows 10恢复Shift+右键打开命令提示符窗口 TP-LINK WR841N V8刷OpenWRT Build subversion 1.8 with SSL on OS X Yosemite OpenWrt自定义和官方一样的固件 Windows 10下通过蓝牙连接iPhone个人热点进行共享上网 Broadcom有线网卡在Windows 8/8.1/10下使用系统自带驱动会断网的解决办法 BCM94352HMB蓝牙BCM20702A0在Ubuntu 14.04下的驱动方法 C语言实现GPT头和分区表的读取(gcc) C/C++用OpenSSL库进行Base64编码 把Windows CA根证书安装到iPhone 编程实现设置“启动与故障恢复”的“在需要时显示恢复选项的时间” 笔记本电脑键盘状态助手KeyboardState Windows x64与x86混合编程需要注意的API 查看.NET程序集编译类型命令corflags 开启Windows7多用户远程桌面 Windows优化大师已经成为“流氓大师” C#打开目录并选中文件(夹)的实现
利用pyinotify监控文件内容,像tailf命令但比它更强
秋忆 · 2017-08-27 · via 博客园 - 秋忆

Linux的tail/tailf命令使用了内核提供的inotify功能,下面的Python例子也使用inotify实现比tail/tailf更强的监控文件功能。

watchfile.py

#!/usr/bin/python
import sys, os, pyinotify

notifier = None
monfile = None
lastsize = 0
wm = None
wd = 0

def roll_file(filename):
	global lastsize
	fd = os.open(filename, os.O_RDONLY)
	try:
		newsize = os.fstat(fd).st_size
		if newsize <= lastsize: return
		os.lseek(fd, lastsize, os.SEEK_SET)
		while True:
			data = os.read(fd, 4096)
			if not data: break
			sys.stdout.write(data)
		sys.stdout.flush()

		pos = os.lseek(fd, 0, os.SEEK_CUR)
		lastsize = pos if pos != lastsize else newsize
	finally:
		os.close(fd)

class EventHandler(pyinotify.ProcessEvent):
	def process_IN_CREATE(self, event):
		if monfile == event.pathname:
			global wd
			wd = wm.add_watch(monfile, pyinotify.IN_MODIFY).values()[0]
			roll_file(monfile)

	def process_IN_DELETE(self, event):
		global wd, lastsize
		if monfile == event.pathname:
			if wd > 0:
				try: wm.rm_watch(wd, quiet=False)
				except pyinotify.WatchManagerError: pass
				wd = 0
			lastsize = 0

	def process_IN_MOVED_FROM(self, event):
		self.process_IN_DELETE(event)

	def process_IN_MOVED_TO(self, event):
		self.process_IN_DELETE(event)
		self.process_IN_CREATE(event)

	def process_IN_MODIFY(self, event):
		roll_file(monfile)

def main():
	global notifier, lastsize, wm, wd, monfile
	monfile = os.path.abspath(sys.argv[1])
	print "path={0}".format(monfile)

	lastsize = os.stat(monfile).st_size

	wm = pyinotify.WatchManager()
	notifier = pyinotify.Notifier(wm, EventHandler())
	wd = wm.add_watch(monfile, pyinotify.IN_MODIFY).values()[0]
	wm.add_watch(os.path.dirname(monfile), pyinotify.IN_DELETE | pyinotify.IN_CREATE | pyinotify.IN_MOVED_FROM | pyinotify.IN_MOVED_TO)
	print "watching {0} ...".format(monfile)

	while True:
		notifier.process_events()
		if notifier.check_events():
			notifier.read_events()

if __name__ == "__main__":
	try:
		main()
	finally:
		if notifier: notifier.stop()

使用方法:

./watchfile.py ~/test.log

被监控的文件做改名、删除、创建的操作都可以继续监控。