Date: Tue, 21 Aug 2007 17:21:11 +0400 From: sam <samflanker@gmail.com> To: Eric Crist <mnslinky@gmail.com> Cc: freebsd-hackers@freebsd.org, Robert Watson <rwatson@FreeBSD.org> Subject: Re: work praudit with tee & grep Message-ID: <46CAE6C7.5060706@gmail.com> In-Reply-To: <C48660DC-BD8A-4D38-A0BC-4707921E4799@gmail.com> References: <46C9528D.8010201@gmail.com> <20070821123943.N50579@fledge.watson.org> <46CADFF9.2000700@gmail.com> <C48660DC-BD8A-4D38-A0BC-4707921E4799@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Eric Crist wrote: > On Aug 21, 2007, at 7:52 AMAug 21, 2007, sam wrote: > >> Robert Watson wrote: >>> >>> On Mon, 20 Aug 2007, sam wrote: >>> >>>> I am installed AUDIT >>>> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/audit.html >>>> >>>> # praudit /etc/auditpipe | grep "xxx" >>>> & >>>> # praudit /etc/auditpipe | tee file.log >>>> & >>>> # praudit /etc/auditpipe > file.log >>>> >>>> this is not work >>>> please help me >>> >>> Vladimir, >>> >>> Could you confirm that when you typed the command, you entered it as >>> above instead of using /dev/auditpipe, the actual name of the audit >>> device? I think all the examples in the Handbook are correct, >>> suggesting a transcription error either when you typed the command, >>> or when you copied it to the e-mail. If that's not it, could you be >>> more specific about the failure mode? >>> >>> Robert N M Watson >>> Computer Laboratory >>> University of Cambridge >>> >> sorry >> my problem in buffer-pipe >> # praudit -l /dev/auditpipe | tee file.log >> >> need full load in buffer-pipe (4096 bytes), after data forward to >> STDOUT & file.log >> please help me data forward without buffer-pipe ?? > > Try the --line-buffered option to grep. I've had a lot of luck with > it. Something like the following may work for you: > > # praudit /etc/auditpipe | grep --line-buffered -e "xxx" > > If you just want to pipe to a file, use something like: > > # praudit /etc/auditpipe | grep --line-buffered -e "$" >> file.log > > HTH > ----- > Eric F Crist > Secure Computing Networks > > > thx this not working wite up buffer-pipe to 4096 bytes
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46CAE6C7.5060706>