Tailing a remote logfile without opening an SSH connection?
December 27, 2005 12:06 PM   Subscribe

How can I tail a remote logfile without actually opening up an SSH connection each time?

I'd like to be able to use geektool (i'll settle for iterm) to monitor the alert.log on a production database server without having to manually SSH into the box. Is it possible to create a symlink (or whatever) that will let me do this? I do have scp and ssh access to the box.

I suppose I could SCP the file to my local box every n seconds but I'm sure that a better way exists. Is it possible to mount a remote volume over SSH?
posted by neilkod to Computers & Internet (13 answers total)
 
ssh takes in an optional execution argument. It allows you to log in and execute that one command.

So something like:
ssh neilkod@neilkodsserver.com "tail -f /path/to/log/file"

You could then stick that command in a script, then run that script or double-click on it.

The only real trick here is getting it to log in automatically. Google ssh-keys for more.
posted by maschnitz at 12:10 PM on December 27, 2005


You can run an NFS mount over SSH.
posted by cmonkey at 12:10 PM on December 27, 2005


maschntiz's idea is pretty good. You could also write a script to automaticaly 'tail' the file every n seconds, pipe the output into some other file and then SCP that file whenver you felt like it.
posted by delmoi at 12:22 PM on December 27, 2005


Your problem is not uncommon. You want to lookup remote logging with syslog. You can set syslog to send its log via UDP to wherever you specify (your box...).
posted by jellicle at 12:32 PM on December 27, 2005


LUFS claims to let you do this, although I've never used it.
posted by Caviar at 1:07 PM on December 27, 2005


Why not just stay logged in? Is it that you can only run one command?

How about creating a specific user to do this, with a login script in .login that runs your "tail -f /path/to/file" command?
posted by mkultra at 1:16 PM on December 27, 2005


Upon futher research, FUSE seems to be in more active development than LUFS.
posted by Caviar at 1:28 PM on December 27, 2005


One possibility is to run your ssh/tail inside a screen session on your Mac. Then you can detach from screen while leaving the tty process running. A simple screen -r will resume. I don't know if screen comes with the Mac or not. A quick search turned up a Darwin Ports version for MacOS: there are probably other versions, too.
posted by Nelson at 1:48 PM on December 27, 2005


For fun you can use FUSE/AVFS to mount a filesystem from an SSH server.
posted by kcm at 1:49 PM on December 27, 2005


Response by poster: Nelson, that's what I was hoping for, but BOFH literally said "uhh what the hell is screen" when I asked him if he would install it on our Solaris 9 boxes.
posted by neilkod at 2:13 PM on December 27, 2005


It sounds to me like you have the belief that ssh requires a manual login process. It most certainly does not, and if you are not using public-key authentication (sometimes called "passwordless") you are missing out on a killer feature of ssh.

You create a keypair on your local system by running ssh-keygen. Then you add the public half of that key to the remote system's ~/.ssh/authorized_keys file. Combine this with setting your username for the remote system in ~/.ssh/config and you can now just "ssh hostname" without entering so much as a username or password. Or you can "ssh hostname tail -f /path/to/file" and to tail the file. This is in fact way more secure than typing a password.
posted by Rhomboid at 3:28 PM on December 27, 2005 [2 favorites]


If you're going to do that, I strongly suggest that you also look into ssh-agent. Among other things, it lets you use passphrases with your keys, but also not have to type in the passphrase every time.
posted by Caviar at 4:03 PM on December 27, 2005


DSA keys for ssh and keychain are your friends. And even if BOFH hasn't heard of screen, surely they can go look it up and install it for you despite their cluelessness?
posted by polyglot at 8:38 PM on December 27, 2005


« Older My dog loves the litterbox but my cat doesn't.   |   How much cello can I get for $500? Newer »
This thread is closed to new comments.