Vista's decision to ship without a native tail.exe makes monitoring logs difficult without GNUWin32 or Cygwin or some other third party utility. This batch (tail.cmd) helps:
@echo off
set file = %1
:top
choice /T 1 /D Y > NUL
for /f "eol=: tokens=3" %%i in ('find ^/C " " %1') do set lastline=%%i
set /a newlastline=%lastline% - 1
set oldlastline=%newlastline%
:top1
choice /T 1 /D Y > NUL
for /f "eol=: tokens=3" %%i in ('find ^/C " " %1') do set lastline=%%i
set /a newlastline=%lastline% - 1
if %oldlastline%==%newlastline% (goto top1) else more +%newlastline% %1 && goto top
[output]:
C:\Windows\System32\LogFiles\Firewall>tail pfirewall.log
2009-07-21 14:53:25 DROP UDP 192.168.0.10 192.168.0.255 138 138 229 - - - - - - - RECEIVE
2009-07-21 14:54:43 ALLOW UDP 10.0.0.2 10.0.0.255 138 138 0 - - - - - - - SEND
2009-07-21 14:57:16 DROP UDP 192.168.0.11 192.168.0.1 54103 53 0 - - - - - - - SEND
2009-07-21 14:57:18 DROP UDP 192.168.0.11 192.168.0.1 54103 53 0 - - - - - - - SEND
2009-07-21 14:57:30 ALLOW ICMP 192.168.0.11 192.168.0.1 - - 0 - - - - 8 0 - SEND
2009-07-21 14:57:31 ALLOW ICMP 192.168.0.11 192.168.0.1 - - 0 - - - - 8 0 - SEND
2009-07-21 14:57:37 ALLOW ICMP 192.168.0.11 192.168.0.245 - - 0 - - - - 8 0 - SEND
2009-07-21 14:57:38 ALLOW ICMP 192.168.0.11 192.168.0.245 - - 0 - - - - 8 0 - SEND
2009-07-21 14:58:17 ALLOW UDP fe80::11f2:abb3:cf0b:58d8 ff02::1:3 63249 5355 0 - - - - - - - SEND
2009-07-21 14:58:17 ALLOW UDP 10.0.0.2 224.0.0.252 59011 5355 0 - - - - - - - SEND
No comments:
Post a Comment