TrumanWong

inotifywait

Asynchronous file system monitoring mechanism

Supplementary instructions

Inotify is a powerful, fine-grained, asynchronous file system monitoring mechanism that meets a variety of file monitoring needs. It can monitor access, reads and writes, permission (attribute) changes, deletion, creation, movement and other operations on the file system; in other words, it can monitor every change to a file.

inotify-tools is a C library and a set of command-line tools that provide a simple interface to inotify on Linux. After inotify-tools is installed, you get two commands, inotifywait and inotifywatch:

  • The inotifywait command collects file access information. Linux distributions generally do not include this command, so you need to install inotify-tools. The command also requires inotify support to be compiled into the Linux kernel; fortunately, most Linux distributions have inotify enabled in the kernel.
  • The inotifywatch command collects statistics about the file system being watched, including how many times each inotify event occurred.

Before starting, you need to check whether the system kernel supports inotify:

Use the uname -r command to check the Linux kernel version. If it is lower than 2.6.13, you need to recompile the kernel to add inotify support.

Use the ll /proc/sys/fs/inotify command (ll is a common alias for ls -l) to check whether the following three files are listed. If they are not, inotify is not supported.

ll /proc/sys/fs/inotify
total 0
-rw-r--r-- 1 root root 0 Jan 4 15:41 max_queued_events
-rw-r--r-- 1 root root 0 Jan 4 15:41 max_user_instances
-rw-r--r-- 1 root root 0 Jan 4 15:41 max_user_watches

Install inotify-tools

#CentOS release 5.8/64 bit:
tar zxvf inotify-tools-3.14.tar.gz
cd inotify-tools-3.14
./configure
make
make install

For installation methods of other Linux distributions, please see: https://github.com/rvoicilas/inotify-tools/wiki#wiki-getting

inotify related parameters

inotify defines the following interface parameters, which can be used to limit the amount of kernel memory consumed by inotify. Because these are all in-memory parameters, their values can be adjusted at run time according to application requirements:

  • /proc/sys/fs/inotify/max_queued_events represents the maximum number of events that can be queued in the inotify instance when calling inotify_init. Events exceeding this value are discarded, but the IN_Q_OVERFLOW event will be triggered.
  • /proc/sys/fs/inotify/max_user_instances indicates the upper limit of the number of instances that can be created by each real user ID.
  • /proc/sys/fs/inotify/max_user_watches indicates the maximum number of directories that can be monitored by each instance. If the number of monitored files is huge, you need to increase this value appropriately according to the situation.

Based on the above, the following can be run on either 32-bit or 64-bit systems:

echo 104857600 > /proc/sys/fs/inotify/max_user_watches
echo 'echo 104857600 > /proc/sys/fs/inotify/max_user_watches' >> /etc/rc.local

If you encounter the following error:

inotifywait: error while loading shared libraries: libinotifytools.so.0: cannot open shared object file: No such file or directory
Solution:
32-bit systems: ln -s /usr/local/lib/libinotifytools.so.0 /usr/lib/libinotifytools.so.0
64-bit systems: ln -s /usr/local/lib/libinotifytools.so.0 /usr/lib64/libinotifytools.so.0

Use of inotifywait command

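#!/bin/bash
# filename: watchdir.sh
# Usage: ./watchdir.sh <directory>
path=$1
# Watch recursively and continuously; print the time, watched directory and file name.
/usr/local/bin/inotifywait -mrq --timefmt '%d/%m/%y/%H:%M' --format '%T %w %f' -e modify,delete,create,attrib "$path"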

Execution output:
./watchdir.sh /data/wsdata/tools/
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swp
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swx
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swx
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swp
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swp
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swp
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swp
04/01/13/16:34 /data/wsdata/tools/ .j.jsp.swp
04/01/13/16:35 /data/wsdata/tools/ 4913
04/01/13/16:35 /data/wsdata/tools/ 4913
04/01/13/16:35 /data/wsdata/tools/ 4913
04/01/13/16:35 /data/wsdata/tools/ j.jsp
04/01/13/16:35 /data/wsdata/tools/ j.jsp
04/01/13/16:35 /data/wsdata/tools/ j.jsp
04/01/13/16:35 /data/wsdata/tools/ j.jsp~
04/01/13/16:35 /data/wsdata/tools/ .j.jsp.swp

inotifywait command parameters

  • -m monitors changes continuously instead of exiting after the first event.
  • -r monitors directories recursively.
  • -q reduces redundant information and only prints out the required information.
  • -e specifies the list of events to monitor.
  • --timefmt specifies the output format of the time.
  • --format specifies the output format of the file change information.

Events that can be monitored

Event    Description
access   Access: the file is read.
modify   Modify: the file content is modified.
attrib   Attribute: the file metadata is modified.
move     Move: the file is moved.
create   Create: a new file is created.
open     Open: the file is opened.
close    Close: the file is closed.
delete   Delete: the file is deleted.
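
The watchdir.sh output above does not say which event fired and is dominated by editor scratch files. The following triage filter is an added example, not part of the original page: it assumes inotifywait is run with --format '%T|%e|%w%f' (%e prints the event names), the extension watch list is a hypothetical choice, and the sample lines are constructed from the output shown earlier.

```shell
#!/bin/bash
# Added example: triage inotifywait output for a served web directory.
# Assumed producer (not run here):
#   inotifywait -mrq --timefmt '%d/%m/%y/%H:%M' --format '%T|%e|%w%f' \
#       -e modify,delete,create,attrib,move /data/wsdata/tools/

# Return 0 when the file name is editor scratch output (vim swap files,
# vim's "4913" write-test file, "~" backups), as seen in the page's sample run.
is_editor_noise() {
    case "$1" in
        .*.sw?|4913|*~) return 0 ;;
        *) return 1 ;;
    esac
}

# Read "time|events|path" lines on stdin; print one line per event worth a look.
# The path is the last field, so a "|" inside a file name stays part of the path.
triage_events() {
    local when events path name
    while IFS='|' read -r when events path; do
        name=${path##*/}
        is_editor_noise "$name" && continue
        case "$name" in
            # Hypothetical watch list: file types the server would execute.
            *.jsp|*.php|*.sh|*.war) echo "REVIEW $when $events $path" ;;
            *)                      echo "INFO $when $events $path" ;;
        esac
    done
}

# Constructed sample input modelled on the page's output, with %e added.
sample_events() {
    cat <<'EOF'
04/01/13/16:34|CREATE|/data/wsdata/tools/.j.jsp.swp
04/01/13/16:35|CREATE|/data/wsdata/tools/4913
04/01/13/16:35|MODIFY|/data/wsdata/tools/j.jsp
04/01/13/16:35|CREATE|/data/wsdata/tools/j.jsp~
04/01/13/16:36|ATTRIB|/data/wsdata/tools/notes.txt
04/01/13/16:36|CREATE,ISDIR|/data/wsdata/tools/cache
EOF
}

sample_events | triage_events
```

In live use, pipe the inotifywait command from the header comment into triage_events, and keep the unfiltered stream in a log as well, since the filter matches on file names only.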