Bash-scriptingHow-ToBeginner · 2 min read

Bash Script to Monitor Log File in Real-Time

Use tail -f /path/to/logfile in a Bash script to monitor a log file in real-time, showing new lines as they are added.

📋

Examples

Input/var/log/syslog

OutputShows new syslog entries as they appear in real-time

Input/tmp/app.log

OutputDisplays new lines appended to /tmp/app.log continuously

Input/nonexistent.log

Outputtail: cannot open '/nonexistent.log' for reading: No such file or directory

🧠

How to Think About It

To monitor a log file, you want to watch new lines added to it without re-reading the whole file. The tail -f command does this by following the file and printing new lines as they come. Your script just needs to run this command with the log file path.

📐

Algorithm

Get the path of the log file to monitor as input

Use the <code>tail -f</code> command on the log file

Print new lines to the console as they are added

Keep running until the user stops the script

💻

Code

bash

#!/bin/bash

LOGFILE="$1"

if [[ ! -f "$LOGFILE" ]]; then
  echo "File not found: $LOGFILE"
  exit 1
fi

echo "Monitoring $LOGFILE. Press Ctrl+C to stop."
tail -f "$LOGFILE"

Output

Monitoring /var/log/syslog. Press Ctrl+C to stop. <new lines from /var/log/syslog appear here as they are added>

🔍

Dry Run

Let's trace monitoring /tmp/app.log through the code

Check if file exists

File /tmp/app.log exists, so continue

Print monitoring message

Prints: Monitoring /tmp/app.log. Press Ctrl+C to stop.

Run tail -f

Starts showing new lines added to /tmp/app.log

Step	Action	Value
1	Check file	/tmp/app.log exists
2	Print message	Monitoring /tmp/app.log. Press Ctrl+C to stop.
3	Run tail	tail -f /tmp/app.log

💡

Why This Works

Step 1: Check file existence

The script first checks if the log file exists using [[ -f "$LOGFILE" ]] to avoid errors.

Step 2: Inform user

It prints a message so the user knows monitoring started and how to stop it.

Step 3: Follow file changes

The tail -f command keeps the script running and outputs new lines added to the log file in real-time.

🔄

Alternative Approaches

Using inotifywait

bash

#!/bin/bash
LOGFILE="$1"

if [[ ! -f "$LOGFILE" ]]; then
  echo "File not found: $LOGFILE"
  exit 1
fi

inotifywait -m -e modify "$LOGFILE" | while read -r; do
  tail -n 10 "$LOGFILE"
done

This uses file system events to detect changes, which can be more efficient but requires inotify-tools installed.

Using while loop with sleep

bash

#!/bin/bash
LOGFILE="$1"
LAST_SIZE=0

while true; do
  CURRENT_SIZE=$(stat -c%s "$LOGFILE")
  if (( CURRENT_SIZE > LAST_SIZE )); then
    tail -c +$((LAST_SIZE + 1)) "$LOGFILE"
    LAST_SIZE=$CURRENT_SIZE
  fi
  sleep 1
done

This polls the file size every second and prints new content, but is less efficient and more complex.

⚡

Complexity: O(n) time, O(1) space

Time Complexity

The script runs continuously, processing new lines as they arrive, so time depends on log growth (n lines).

Space Complexity

Uses constant extra memory since it streams output without storing the whole file.

Which Approach is Fastest?

tail -f is efficient for real-time monitoring; alternatives like polling or inotify add complexity or dependencies.

Approach	Time	Space	Best For
tail -f	O(n)	O(1)	Simple, real-time monitoring
inotifywait	O(n)	O(1)	Event-driven monitoring, efficient but needs extra tool
Polling with sleep	O(n)	O(1)	Works without extra tools but less efficient

💡

Use tail -f for simple real-time log monitoring in Bash scripts.

⚠️

Forgetting to check if the log file exists before running tail -f causes errors.