linux动态监听文件,linux shell 通过 inotify 实时监控文件的变化

inotify 是linux内核的一个特性，在内核 2.6.13 以上都可以使用。如果在shell环境下，可以安装 yum install inotify-tools,安装以后有两个命令可以用inotifywait 和 inotifywatch，inotifywait 是需要使用的命令。

这里监控一个文件 ~/test

#!/bin/bash

# inotify 监控文件的变化

inotifywait -mqr --timefmt '%Y-%m-%d %H:%M:%S' --format '%w %f %e %T' ~/test |

while read line; do

#echo $line

tmpfile=`echo $line | awk '{print $1}'`

tmptype=`echo $line | awk '{print $2}'`

tmpdate=`echo $line | awk '{print $3 " " $4 }'`

echo "file: "$tmpfile;

echo "type: "$tmptype;

echo "date: "$tmpdate;

done

演示的效果

帮助信息

Wait for a particular event on a file or set of files.

Usage: inotifywait [ options ] file1 [ file2 ] [ file3 ] [ ... ]

Options:

-h|--help Show this help text.

@ Exclude the specified file from being watched.

--exclude

Exclude all events on files matching the

extended regular expression .

--excludei

Like --exclude but case insensitive.

-m|--monitor Keep listening for events forever. Without

this option, inotifywait will exit after one

event is received.

-d|--daemon Same as --monitor, except run in the background

logging events to a file specified by --outfile.

Implies --syslog.

-r|--recursive Watch directories recursively.

--fromfile

Read files to watch from or `-' for stdin.

-o|--outfile

Print events to rather than stdout.

-s|--syslog Send errors to syslog rather than stderr.

-q|--quiet Print less (only print events).

-qq Print nothing (not even events).

--format Print using a specified printf-like format

string; read the man page for more details.

--timefmt strftime-compatible format string for use with

%T in --format string.

-c|--csv Print events in CSV format.

-t|--timeout

When listening for a single event, time out after

waiting for an event for seconds.

If is 0, inotifywait will never time out.

-e|--event [ -e|--event ... ]

Listen for specific event(s). If omitted, all events are

listened for.

Exit status:

0 - An event you asked to watch for was received.

1 - An event you did not ask to watch for was received

(usually delete_self or unmount), or some error occurred.

2 - The --timeout option was given and no events occurred

in the specified interval of time.

Events:

access file or directory contents were read

modify file or directory contents were written

attrib file or directory attributes changed

close_write file or directory closed, after being opened in

writeable mode

Events:

access file or directory contents were read

modify file or directory contents were written

attrib file or directory attributes changed

close_write file or directory closed, after being opened in

writeable mode

close_nowrite file or directory closed, after being opened in

read-only mode

close file or directory closed, regardless of read/write mode

open file or directory opened

moved_to file or directory moved to watched directory

moved_from file or directory moved from watched directory

move file or directory moved to or from watched directory

create file or directory created within watched directory

delete file or directory deleted within watched directory

delete_self file or directory was deleted

unmount file system containing file or directory unmounted