fetchlog - fetch and convert new messages of a logfile

View the Project Page for downloads.

from the man page:

      fetchlog -f firstcol:lastcol:len:conv logfile bookmarkfile [pattern ..]
      fetchlog -F firstcol:lastcol:len:conv logfile bookmarkfile [pattern ..]

The fetchlog utility displays the last new messages of a logfile. It is similar like tail (1) but offers some extra functionality for output formatting and message filtering using extended regular expressions for pattern matching. To show only the new messages appeared since the last call fetchlog uses a bookmark to remember which messages have been fetched.

fetchlog scans backwards a logfile and collects all messages, optionally only those matching any of the given regular expression patterns. Then fetchlog converts found message lines for output. It stops scanning when one of these conditions become true: The bookmark from bookmarkfile is reached, or more than len characters are ready for output, or an error occurs. fetchlog knows about rotated and uncompressed logfiles and continues scanning in rotated logfiles by appending '.0', '.1' upto '.9' to logfile when scanning in rotated logfiles. Scanning stops without error when a rotated logfile does not exist.

fetchlog may be used as a local plugin for the Nagios (formerly Netsaint) network monitoring system to monitor a local logfile. It follows the calling convention for Nagios plugins when conversion is set at least to 'no' and len is short enough for Nagios.

fetchlog can be used to watch/monitor remote logfiles:


To send out an email containing the messages appeared within the last 60 minutes in /var/log/messages, regarding the 'bubbled', create a shell script similar like this:

    FETCHLOG="/usr/local/bin/fetchlog -F 1:80:1000:s"
    MSG=`$FETCHLOG /var/log/messages /tmp/msgbm 'bubbled'`
    if [ $? -gt 0 ]; then
        echo -e "$MSG" | \
        /usr/bin/mail -s "SYSLOG: $HOST" admin@your.domain

and add an entry in the crontab:

    0 * * * * /path/to/shellscript >/dev/null 2>&1

It is not necessary to run the cronjob as root if /var/log/messages is readable for other users.

What it does: If fetchlog detects new messages in /var/log/messages it collects all new message lines containing 'bubbled', from column 1 upto column 80, at most 1000 character, removes critical shell metacharacters and exits with 2. The collected messages are then send via email to the admin.

Other Example

A tail -f thing that beeps whenever there is something with device0..3 or the sun is going down:

    FETCHLOG="/usr/local/bin/fetchlog -F 1:100:1000:"
    while true; do
       MSG=`$FETCHLOG /var/log/messages /tmp/msgbm 'device[0-3]' 'sun.*down'`
       if [ $? -gt 0 ]; then
	  echo -e "$MSG"
	  echo ^G; sleep 1; echo ^G
       sleep 5

Mailing List

There is a mailing list fetchlog-devel for discussion about fetchlog: It is intended for feedback, support, development, and announcements. Traffic is very low. To subscribe or view archived articles goto fetchlog devel Mailinglist.


There are precompiled packages available for some platforms and operating systems. Please see the OS' package libraries to find the package for your system.

Related Links

Legal: Nagios is a registered trademark of Ethan Galstad.


Alexander Haderer (mail)

Last modified 20 Nov 2008