How to use PHP scripts for log monitoring in Linux systems

How to use PHP scripts for log monitoring in Linux systems

With the widespread application of Linux systems, system monitoring and log analysis have become more and more important. . Among them, using PHP scripts for log monitoring is a common way. This article will introduce how to use PHP scripts to implement simple log monitoring and provide specific code examples.

1. Create a PHP script file
First, create a file named "log_monitor.php" on the Linux system. This file will be used to monitor changes in the specified log file.

Use a command line editor (such as vi) to open a blank file, and then enter the following content:

<?php
// 指定要监控的日志文件
$logFile = '/var/log/syslog';

// 获取文件的初始大小
$fileSize = filesize($logFile);

// 持续监控日志文件的变化
while (true) {
  clearstatcache(); // 清除文件状态缓存

  // 获取文件当前的大小
  $currentSize = filesize($logFile);

  // 判断日志文件是否发生变化
  if ($currentSize > $fileSize) {
    // 日志文件发生变化，输出最新的内容
    $handle = fopen($logFile, 'r');
    fseek($handle, $fileSize); // 设置文件指针位置到初始大小之后
    $content = fread($handle, $currentSize - $fileSize); // 读取从初始大小到当前大小之间的内容
    fclose($handle);

    // 处理日志内容，比如输出到控制台或写入日志文件
    echo $content;
  }

  // 更新文件的初始大小为当前大小
  $fileSize = $currentSize;

  // 休眠一段时间，避免过于频繁地读取文件
  sleep(1);
}
?>

Code description:

• Line 3: Specify the The path of the monitored log file. Here we take the monitoring system log file /var/log/syslog as an example. You can modify this path according to actual needs.
• Line 6: Get the initial size of the log file.
• Lines 10-31: Enter an infinite loop and monitor the log file within the loop body. First clear the file status cache, then get the current size of the file and compare it with the initial size to determine whether the log file has changed. If a change occurs, the content from the initial size to the current size is read and processed accordingly, such as outputting to the console or writing to a log file. Finally, the initial size is updated to the current size and sleeps for 1 second to avoid frequent reading of the file.

2. Run the PHP script
Save the above code and close the file editor.

Then, use the following command to run the PHP script in the Linux system:

php log_monitor.php

After running, the script will continue to monitor the specified log file and output the latest content when the log file changes. .

It should be noted that before running the script, make sure that the PHP interpreter has been installed correctly and added to the system's environment variables, so that the PHP script can run normally.

3. Expansion and Optimization
The above sample code is just a simple log monitoring script, you can expand and optimize it according to actual needs.

For example, the read log content can be processed more flexibly, such as matching specific keywords or log levels through regular expressions, and then performing corresponding alarm or processing operations.

In addition, you can consider using third-party log analysis tools (such as Elasticsearch, Logstash, Kibana, etc.) to centrally manage and analyze logs to better discover, troubleshoot, and solve system problems.

Summary
By using PHP scripts for log monitoring, we can monitor log file changes in the Linux system in real time and take corresponding measures in a timely manner. This article introduces the basic implementation principles and specific code examples, and provides some ideas for expansion and optimization. I hope it will be helpful to you in log monitoring in Linux systems.

The above is the detailed content of How to use PHP scripts for log monitoring in Linux systems. For more information, please follow other related articles on the PHP Chinese website!