I
am looking for an alternative to the simple
fetchlog util on unix, which tails a file and has a bookmark of how far it has checked in the file. When a string is found, i can do action, such as launch script, send mail or restart services. Works well for some simple purposes :-)
I am
not looking for full blown log analysis, such as
OSSEC which I really like though.
I havnt found anything that I really want to use, but here is my list of things to try:
WinTail. $49.95, with basics such as send notify mails, but can it run a script, eg. a restart of a service? That is really often needed. 30 day trial, worth a try I guess.
Some more simple tail tools:
Tail4Win. Also 30 day trial, $45, looks similar to normal tail, there seems no notify option.
MakeLogic Tail. Freeware, tails more than one file, requires JRE 5.0, has no notifications it seems.
tail.exe. Windows 2003 resource kit (see below), does not tail more than one file!
Tail Ace. Freeware, multiple logfiles, but no notifications, java based, requires JRE 6.0.
Tail XP. Freeware. Tails more than one file, but you can not see difference, and it is showing in a gui which can not be piped to a grep for example. Only takes one file from commandline -f argument, and still opens it in a gui. No notifications.
None of the above really meets what I at least need of a fetchlog tool. If I can not find a fetchlog alike tool, I would at least need a grep tool that can tail -f more than one file, and from commandline. And output must be possible to send to STDOUT for more processing and use in scripts, eg. based on errorlevel. So far I havnt found anything that does this!
Some of the more full blown tools I stumbled upon was:
http://www.xpolog.com/home/products/xpologCenter.jspA
comprehensive loganalyzer tool overview is available at download32.com, but it is all the stuff, not just what I am looking for, this
tail -f specifics overview is not much better. Perhaps using a
unix tools on Windows would be better than using the simple tools above, because those tools can be piped into other commands, which i really need.
Of course a normal tail without -f wont do, but since
it has so nice batch example code here it is (for more of the same, take a look
here and
here):
@echo off
if {%1}=={} @echo FileName parameter requied.&goto :EOF
if not exist %1 @echo %1 does NOT exist.&goto :EOF
setlocal
set file=%1
set /a number=10
if not {%2}=={} set /a number=%2
for /f %%i in ('find /v /c "" ^< %file%') do set /a lines=%%i @echo %lines% lines in file %file%. if %number% GEQ %lines% set /a start=0&goto console set /a start=%lines% - %number% :console more /e +%start% %file% endlocal
It was a surprise to me that the
Windows 2003 resource kit free tools has a tail.exe, of course it is not enough for notifications and actions, and it can not tail more than one file! For completeness, here is the Windows 2003 resource kit tool list:
- Acctinfo.dll (documented in Readme.htm)
- Adlb.exe: Active Directory Load Balancing Tool
- Admx.msi: ADM File Parser
- Atmarp.exe: Windows ATM ARP Server Information Tool
- Atmlane.exe: Windows ATM LAN Emulation Client Information
- Autoexnt.exe: AutoExNT Service
- Cdburn.exe: ISO CD-ROM Burner Tool
- Checkrepl.vbs: Check Replication
- Chklnks.exe: Link Check Wizard
- Chknic.exe: Network Interface Card Compliance Tool for Network Load Balancing
- Cleanspl.exe: Spooler Cleaner
- Clearmem.exe: Clear Memory
- Clusdiag.msi: Cluster Diagnostics and Verification Tool
- Clusfileport.dll: Cluster Print File Port
- Clusterrecovery.exe: Server Cluster Recovery Utility
- Cmdhere.inf: Command Here
- Cmgetcer.dll: Connection Manager Certificate Deployment Tool
- Compress.exe: Compress Files
- Confdisk.exe: Disk Configuration Tool
- Consume.exe: Memory Consumers Tool
- Creatfil.exe: Create File
- Csccmd.exe: Client-Side Caching Command-Line Options
- Custreasonedit.exe: Custom Reason Editor (documented in Readme.htm)
- Delprof.exe: User Profile Deletion Utility
- Dh.exe: Display Heap
- Diskraid.exe: RAID Configuration Tool
- Diskuse.exe: User Disk Usage Tool
- Dnsdiag.exe: SMTP DNS Diagnostic Tool (documented in Readme.htm)
- Dumpfsmos.cmd: Dump FSMO Roles
- Dvdburn.exe: ISO DVD Burner Tool
- Empty.exe: Free Working Set Tool
- Eventcombmt.exe: Check Replication
- Fcopy.exe: File Copy Utility for Message Queuing
- Frsflags.vbs
- Getcm.exe: Connection Manager Profile Update
- Gpmonitor.exe: Group Policy Monitor
- Gpotool.exe: Group Policy Objects
- Hlscan.exe: Hard Link Display Tool
- Ifilttst.exe: IFilter Test Suite
- Ifmember.exe: User Membership Tool
- Inetesc.adm: Internet Explorer Enhanced Security Configuration
- Iniman.exe: Initialization Files Manipulation Tool
- Instcm.exe: Install Connection Manager Profile
- Instsrv.exe: Service Installer
- Intfiltr.exe: Interrupt Affinity Tool
- Kerbtray.exe: Kerberos Tray
- Kernrate.exe: Kernel Profiling Tool
- Klist.exe: Kerberos List
- Krt.exe: Certification Authority Key Recovery
- Lbridge.cmd: L-Bridge
- Linkd.exe
- Linkspeed.exe: Link Speed
- List.exe: List Text File Tool
- Lockoutstatus.exe: Account Lockout Status (documented in Readme.htm)
- Logtime.exe
- Lsreport.exe: Terminal Services Licensing Reporter
- Lsview.exe: Terminal Services License Server Viewer
- Mcast.exe: Multicast Packet Tool
- Memmonitor.exe: Memory Monitor
- Memtriage.exe: Resource Leak Triage Tool
- Mibcc.exe: SNMP MIB Compiler
- Moveuser.exe: Move Users
- Mscep.dll: Certificate Services Add-on for Simple Certificate Enrollment Protocol
- Nlsinfo.exe: Locale Information Tool
- Now.exe: STDOUT Current Date and Time
- Ntimer.exe: Windows Program Timer
- Ntrights.exe
- Oh.exe: Open Handles
- Oleview.exe: OLE/COM Object Viewer
- Pathman.exe: Path Manager
- Permcopy.exe: Share Permissions Copy
- Perms.exe: User File Permissions Tool
- Pfmon.exe: Page Fault Monitor
- Pkiview.msc: PKI Health Tool
- Pmon.exe: Process Resource Monitor
- Printdriverinfo.exe: Drivers Source
- Prnadmin.dll: Printer Administration Objects
- Qgrep.exe
- Qtcp.exe: QoS Time Stamp
- Queryad.vbs: Query Active Directory
- Rassrvmon.exe: RAS Server Monitor
- Rcontrolad.exe: Active Directory Remote Control Add-On
- Regini.exe: Registry Change by Script
- Regview.exe (documented in Readme.htm)
- Remapkey.exe: Remap Windows Keyboard Layout
- Robocopy.exe: Robust File Copy Utility
- Rpccfg.exe: RPC Configuration Tool
- Rpcdump.exe
- Rpcping.exe
- RPing: RPC Connectivity Verification Tool
- Rqc.exe: Remote Access Quarantine Client
- Rqs.exe: Remote Access Quarantine Agent
- Setprinter.exe: Spooler Configuration Tool
- Showacls.exe
- Showperf.exe: Performance Data Block Dump Utility
- Showpriv.exe: Show Privilege
- Sleep.exe: Batch File Wait
- Sonar.exe: FRS Status Viewer
- Splinfo.exe: Print Spooler Information
- Srvany.exe: Applications as Services Utility
- Srvcheck.exe: Server Share Check
- Srvinfo.exe: Remote Server Information
- Srvmgr.exe: Server Manager
- Ssdformat.exe: System State Data Formatter
- Subinacl.exe
- Tail.exe
- Tcmon.exe: Traffic Control Monitor
- Timeit.exe (documented in Readme.htm)
- Timezone.exe: Daylight Saving Time Update Utility
- Tsctst.exe: Terminal Server Client License Dump Tool
- Tsscalling.exe: Terminal Services Scalability Planning Tools
- Uddicatschemeeditor.exe: UDDI Services Categorization Scheme Editor
- Uddiconfig.exe: UDDI Services Command-line Configuration Utility
- Uddidataexport.exe: UDDI Data Export Wizard
- Usrmgr.exe: User Manager for Domains
- Vadump.exe: Virtual Address Dump
- Vfi.exe: Visual File Information
- Volperf.exe: Shadow Copy Performance Counters
- Volrest.exe: Shadow Copies for Shared Folders Restore Tool
- Vrfydsk.exe: Verify Disk
- Winexit.scr: Windows Exit Screen Saver
- Winhttpcertcfg.exe: WinHTTP Certificate Configuration Tool
- Winhttptracecfg.exe: WinHTTP Tracing Facility Configuration Tool
- Winpolicies.exe: Policy Spy
- Wins.dll: WINS Replication Network Monitor Parser
- Wlbs_hb.dll & Wlbs_rc.dll: Windows Load Balancing Server Network Monitor Parsers
Now that we are looking at Windows 2003, I am reminded that
i have previously gotten help (RMTSHARE.EXE) from Windows NT resource kit tools! So here is
that list. Some of the
Windows NT resource kit tools can be downloaded from Microsoft.
ADDUSERS.EXE: AddUsers - Command-line utility, creates or writes user accounts to a comma delimited file.
(Updated) ANIEDIT.EXE: Animated Cursor Creator - Windows-based tool for drawing and editing animated cursors.
APIMON.EXE: API Monitor
ASSOCIATE.EXE
(Updated) ATANALYZR.EXE: AppleTalk network device ANaLYZeR
AUDITCAT.HLP: Audit Categories Help
(New) AUDITPOL.EXE: AuditPol
AUTOEXNT.EXE: AutoExNT Service - Enables you to start a batch file, AUTOEXNT.BAT, at boot time without having to log on to the computer on which it will run.
(Updated) AUTOLOG.EXE: Windows NT Auto Logon Setter
BREAKFTM.EXE: Automated Mirror Break/Restore Utility
BROWMON.EXE: Browser Monitor - Windows-based tool, shows browser status.
BROWSTAT.EXE: Browser Status - Command-line utility, diagnoses browser problems and shows browser status.
C2CONFIG.EXE: Windows NT C2 Configuration Manager
CHOICE.EXE: Input from Batch Files - (MS-DOS 6.0 utility).
(Updated) CLIP.EXE: Clip
(New) CLIPSTOR.EXE
CMDHERE.EXE: Command Prompt Here
COMPREG.EXE - A Win32 character-based/command-line "Registry DIFF" that enables you to compare any two local and/or remote Registry keys in both Windows NT and Windows 95.
COMPRESS.EXE: File Compress - Command-line utility, compresses files. Needed for Setup customization.
(Updated) COUNTERS.HLP : Windows NT Performance Counters Help
Crystal Reports Event Log Viewer - Provides an easy way to extract, view, save, and publish information from the Windows NT system, application, and security event logs in a variety of formats.
dbWeb
(New) DEFPTR.EXE: Default Printer
DELPROF.EXE: User Profile Deletion Utility
DELSRV.EXE
(New) DEPENDS.EXE: Dependency Walker
Desktop Themes for Windows NT 4.0
DESKTOPS.EXE: DeskTops
DFLYDIST.EXE: Compound File Layout User Tool
(Updated) DH.EXE - Command-line utility, enables you to lock heaps, tags, stacks, and objects.
DHCPCMD.EXE: DHCP Administrator's Tool - Command-line utility.
(Updated) DHCPLOC.EXE: DHCP Server Locator Utility - Command-line utility, detects unauthorized DHCP servers on a subnet.
(Updated) DIRUSE.EXE: Directory Disk Usage - Command-line utility, shows disk space used per directory.
DISKMAP.EXE
DISKSAVE.EXE - Enables you to save the Master Boot Record and Boot Sector as binary image files.
DISKUSE.EXE - Command-line utility, scans directories on a hard disk and reports on space used by each user.
(New) DNSCMD.EXE
DOMMON.EXE: Domain Monitor - Windows-based tool, gives status on domains, domain controllers, trust relationships.
DRIVERS.EXE: Device Driver Information - Command-line utility, shows what drivers have loaded.
DSKPROBE.EXE: DiskProbe
DUMPEL.EXE: Dump Event Log - Command-line utility, dumps the event log to a file.
EM2MS.EXE
EMWAC Server CGI Gateway Scripts
ENUMPRN.EXE
EXCTRLST.EXE: Extensible Performance Counter List
EXETYPE.EXE: Finding the Executable Type - Command-line utility, identifies the hardware platform of a .EXE file.
EXPNDW32.EXE: File Expansion Utility - File Expansion utility, expands the compressed files on Windows NT distribution media.
FILEVER.EXE: FileVer - Command-line utility, examines the version resource structure of a file or a directory of files and displays information on the versions of executable files.
(New) FILEWISE.EXE
FINDGRP.EXE: Find Group - Command-line utility, finds all group memberships of a specified user.
(Updated) FIXACLS.EXE: Reset System File Permissions
FLOPLOCK.EXE: Lock Floppy Disk Drives - Command-line utility or service that restricts access to floppy drives.
FORFILES.EXE
FREEDISK.EXE
FTEDIT.EXE: FT Registry Information Editor - Windows-based tool, enables you to create, edit, and delete fault tolerance sets for disk drives and partitions of local and remote computers.
GETMAC.EXE
GETSID.EXE
GFLAGS.EXE
(Updated) GLOBAL.EXE
GRPCPY.EXE: Group Copy
HCLNT4.HLP: Hardware Compatibility List - HCL in online Help format
(Updated) HEAPMON.EXE
IFMEMBER.EXE - Command-line utility, checks whether the current user is a member of a specified group
. IMAGEDIT.EXE: Image Editor - Windows-based tool, enables the creation of icons and cursors, and also used by the Animated Cursor Creator.
Index Server
INSTALLD.CMD (NTDETECT.COM): Startup Hardware Detector
INSTSRV.EXE: Service Installer - Installs any service.
KERNPROF.EXE: Kernel Profiler
KILL.EXE: Task Killing Utility - Command-line utility, use to end one or more tasks, or processes.
KIX32.EXE: KiXtart 95
(New) KIXGRP.EXE
LAYOUT.DLL
LEAKYAPP.EXE: LeakyApp
LINKCK.EXE: Link Checker
(Updated) LOCAL.EXE
LOGEVENT.EXE: Event Logging Utility
(New) LOGOFF.EXE
LOGTIME.EXE
MIBCC.EXE: SNMP MIB compiler
MONITOR.EXE: Performance Data Logging Service and Configuration Tool
(Updated) MUNGE.EXE
NETCLIP.EXE: Remote Clipboard Viewer
NETCONS.EXE: Net Connections
(New) NETDOM.EXE
NETSVC.EXE: Command-line Service Controller - Command-line utility, remotely starts, stops, and queries the status of services.
(Updated) NetTime for Macintosh
NETWATCH.EXE: Net Watcher - Windows-based tool, shows who is connected to shared directories.
NLMON.EXE
NLTEST.EXE
NOW.EXE: Now - Displays the current date and time on STDOUT, followed by any command-line arguments you add.
(Updated) NTCARD40.HLP: Adapter Help - Describes settings for hardware supported under Windows NT.
NTDETECT.COM (INSTALLD.CMD): Startup Hardware Detector
(Updated) NTEVNTLG.MDB
(Updated) NTIMER.EXE
(Updated) NTMSG.HLP
(New) NTRIGHTS.EXE
NTUUCODE.EXE: 32-Bit UUDecode and UUEncode Utility
OH.EXE
OLEVIEW.EXE: OLE/COM Object Viewer
OS2API.TXT - List of compatible APIs in the OS/2 subsystem.
PASSPROP.EXE
(Updated) PATHMAN.EXE: Pathman
(Updated) PERF2MIB.EXE: Performance Monitor MIB Builder Tool
(Updated) PerfLog: Performance Data Log Service
PERFMTR.EXE: Performance Meter - Text-mode utility, provides performance information.
(Updated) Performance Tools
Perl 5 Scripting Language
PERMCOPY.EXE
PERMS.EXE: File Access Permissions per User - Command-line utility.
PFMON.EXE: Page Fault Monitor
PMON.EXE: Process Resource Monitor - Command-line utility.
POLEDIT.EXE: Windows NT System Policy Editor
POSIX Utilities
Power Toys
PSTAT.EXE: Process and Thread Status - Command-line utility, shows process statistics. Useful for debugging problems.
PULIST.EXE
PVIEWER.EXE: Process Viewer - Windows-based tool, shows the processes running in the system and allows ending processes and boosting priority.
QSLICE.EXE: CPU Usage by Processes - Windows-based tool.
QUICKRES.EXE: Quick Resolution Changer
RASLIST.EXE
RASUSERS.EXE: Enumerating Remote Access Users - Command-line utility.
RCMD.EXE: Remote Command Service - Remotely administers and runs command-line programs, client program. Used with RCMDSVC.EXE.
(New) REG.EXE
REGBACK.EXE: Registry Backup - Command-line utility, backs up Registry hives to files without the use of tape.
REGDMP.EXE
(Updated) REGENTRY.HLP: Windows NT Registry Entries - Online Help file
REGFIND.EXE
Regina REXX Scripting Language
REGINI.EXE: Registry Change by Script - Command-line utility, good for Setup programs.
REGKEY.EXE: Logon and FAT File System Settings - Windows-based tool, sets new Registry settings without actually editing the Registry. (Not on PPC RISC-based computers)
REGREST.EXE: Registry Restoration - Command-line utility, restores Registry hives from files.
Remote Access Manager
(Updated) Remote Console
(Updated) REMOTE.EXE: Remote Command Line - Command-line utility, runs command-line programs on remote computers.
Remote Kill
RIPROUTE.WRI: Routing with Windows NT Server
RMTSHARE.EXE: Remote Share - Command-line utility, sets up or deletes shares remotely and can grant and remove ACLs on those shares.
ROBOCOPY.EXE: Enhanced Network File-Copying Utility - Command-line utility.
RSHSVC.EXE: TCP/IP Remote Shell Service
RSHXMENU.EXE: Security Power Toy
RUNEXT: Run Extension
SC.EXE
SCANREG.EXE - A Win32 character-based/command-line "Registry GREP" that enables you to search for any string in keynames, valuenames, and/or valuedata in local or remote Registries keys in both Windows NT and Windows 95.
SCLIST.EXE
SCOPY.EXE: File Copy with Security - Command-line utility.
SECADD.EXE
SECEDIT.EXE
(Updated) SETEDIT.EXE
SETUPMGR.EXE: Setup Manager - Windows-based tool, enables Windows NT to be installed or upgraded remotely.
SETX.EXE
ShareUI
SHORTCUT.EXE
(Updated) SHOWACLS.EXE
SHOWDISK.EXE
SHOWGRPS.EXE
SHOWMBRS.EXE
SHUTDOWN.EXE and SHUTGUI.EXE: Remote Shutdown - Command-line and GUI utilities, remotely shut down a server.
(New) SIPANEL.EXE: Soft Input Panel
SLEEP.EXE: Batch File Wait - Command-line utility, waits for a specified amount of time. Useful in batch files.
SNMPMON.EXE: SNMP Monitor
SNMPUTIL.EXE: SNMP Browser
SOON.EXE: Near-Future Command Scheduler
SRVANY.EXE: Applications as Services Utility
SRVCHECK.EXE
SRVINFO.EXE
SRVINSTW.EXE: Service Installer Wizard
(New) SRVMON.EXE: Service Monitor
(Updated) SU.EXE - Enables you to start a process running as an arbitrary user.
(Updated) SUBINACL.EXE: SubInAcl
SYSDIFF.EXE
TDISHOW.EXE: TDI Tracing Utility - Command-line utility, traces packets going across the TDI layer.
TELNETD.EXE: Telnet Server Beta
TEXTVIEW.EXE: TextViewer
TIMEOUT.EXE
(Updated) TIMESERV.EXE: Time Synchronizing Service - Command-line utility or service.
TIMETHIS.EXE: TimeThis
TIMEZONE.EXE
TLIST.EXE: Task List Viewer
TLOCMGR.EXE: Telephony Location Manager
TOPDESK.EXE: Multiple Desktops - Windows-based tool.
(Updated) TOTLPROC.EXE
TweakUI
TZEDIT.EXE: Time Zone Editor - Windows-based tool.
UPTOMP.EXE: Uni to Multiprocessor Upgrade Utility
USRSTAT.EXE
USRTOGRP.EXE: Add Users to Groups - Command-line utility, adds users to local or global groups from a user-specified input text file.
VDESK.EXE
(New) WAITFOR.EXE
WCAT: Web Capacity Analysis Tool
Web Administration of Microsoft Windows NT Server
WhoAmI
(Updated) WINAT.EXE: Command Scheduler
WINDIFF.EXE: File and Directory Comparison - Windows-based tool.
WINEXIT.SCR: Windows Exit Screen Saver - Logs the current user off after a specified time has elapsed.
(Updated) WINLOGO.DOC: "Designed for Windows NT and Windows 95" Logo Handbook
(Updated) WinMsdP.EXE - Command-line utility, generates a text file of all the information in WINMSD.
WINSCHK.EXE
WINSCL.EXE
WINSDMP.EXE: WinsDump
WNTIPCFG.EXE: Graphical IPConfig Utility
XCACLS.EXE
The
Windows 2000 resource kit tools are
equally important(jt.exe), here is a (not complete list). You can
download some of the Windows 2000 resource kit tools from Microsoft.
Active Directory Sizer (adsizer.exe)
Application Programming Interface monitor (apimon.exe)
Application Security (appsec.exe)
Cluster Quorum Restore Utility (clusrest.exe)
Counter List (ctrlist.exe)
Cluster Verification Utility (clustsim.exe)
Domain Controller Diagnostic Tool (dcdiag.exe)
Delete File and Reparse Points (delrp.exe)
Delete Server (delsrv.exe)
Display Heap (dh.exe)
DHCP Database Export Import Tool (dhcpexim.exe)
Directory Disk Usage (diruse.exe)
Disk Map (diskmap.exe)
Disk Partition (diskpart.exe)
Disk Manager Diagnostics (dmdiag.exe)
List Loaded Drivers (drivers.exe)
Drive Share (drmapsrv.exe)
Dump Event Log (dumpel.exe)
Dump FSMO Roles (dumpfsmos.cmd)
Registry Size Estimator (dureg.exe)
Encrypting File System Information (efsinfo.exe)
Extensible Performance Counter List (exctrlst.exe)
Extract Cabinet (extract.exe)
FAZAM 2000
GetMAC (getmac.exe)
Get Security ID (getsid.exe)
Group Policy Verification Tool (gpotool.exe)
Group Policy Results (gpresult.exe)
GUID to Object (guid2obj.exe)
Heap Monitor (heapmon.exe)
Hard link display tool (hlscan.exe)
If Member (Ifmember.exe)
IIS Migration Wizard (IISMIGrationWizard_Setup.exe)
Installation Monitor (instaler_setup.exe)
File-In-Use Replace Utility (inuse.exe)
Internet Protocol Security Policies Tool (lpsecpol.exe)
Kerberos Tray (kerbtray.exe)
Kerberos List (klist.exe)
Network Connectivity Tester (netdiag.exe)
Now (now.exe)
NT Detect (ntdetect.com)
Open Handles (oh.exe)
OLE/COM Object Viewer (oleview.exe)
Path Manager (pathman.exe)
File Access Permissions per User (perms.exe)
Page Fault Monitor (pfmon.exe)
Process and Thread Status (pstat.exe)
PuList (pulist.exe)
File Copy (rdpclip.exe)
Relog (relog.exe)
RPC Configuration Tool (rpccfg.exe)
RPC Dump (rpcdump.exe)
RPC Connectivity Verification Tool (rpings.exe)
Manipulate Service Principal Names for Accounts (setspn.exe)
SetX (setx.exe)
Performance Data Block Dump Utility (showperf.exe)
File Replication Service (FRS) Status Viewer (sonar.exe)
Near-Future Command Scheduler (soon.exe)
Automated Installation Tool (sysdiff.exe)
Timethis (timethis.exe)
Trace Dump (tracedmp.exe)
Trace Enable (traceenable.exe)
Trace Log (tracelog.exe)
Terminal Server Capacity Planning Tools (tscpt.exe)
User State Migration Tool (usmt.exe)
Virtual Address Dump (vadump.exe)
Who Am I (whoami.exe)
WinStation Monitor (winsta.exe)
Windows NT IPConfig Utility (wntipcfg.exe)
XCacls (xcacls.exe)
Maybe someone knows of a website that does "Windows alternatives for open source tools", similar to "
Open source alternative for Windows (commercial) tools"?
