8:50am FS said:
I have a need to track changes to a file being made in real-time. So the entries in this file are MAC addresses of clients that can get added/deleted, sometimes multiple entries per second. What I want to do is to see all the changes were from time A to time B. I thought about tail -f, but that only lists the entries being added. Doing diff would require copying the file and running diff against it every second or so, and then again it wouldn't necessarily list all the changes, just the one between the last changed file and the current one. I hope I'm explaining this clearly, but basically the question is, is there a utility in Linux/Unix world which can track any changes being made to a file in real-time and list/track/put-in-a-file those changes being made?
Since linux 2.6.13, the in-kernel callback API for this is called inotify(7). RTFM to learn about its innards or how to use it in C.
If you just want a command-line tool, take a peek at inotifywait in the inotify-tools package.
../C
