Logging files and directory access is helpful for tracking changes to files and directories
Install Inotify-tools
1, download wget--no-check-certificate http://github.com/downloads/rvoicilas/inotify-tools/inotify-tools-3.14.tar.gz 2, Environment Preinstallation Yum Install GCC 3, compiling tar zxf inotify-tools-3.14.tar.gz cd inotify-tools-3.14./configure make make Install
4. Use
Path=/tmp
#将目录或文件路径作为脚本参数
Inotifywait-m-r-e create,move,delete $path-Q
The output sample is as follows:
$/watchdir.sh.
./CREATE New
./Moved_from New
./Moved_to News
./DELETE News
The above script record is given the creation, movement, and deletion of files or directories in the path. Option-M indicates that you want to continue monitoring
Change, rather than exiting after the event occurs. -R allows the use of recursive monitoring of directories (ignoring symbolic links). -E designation
List of events that need to be monitored. -Q is used to reduce redundant information and only print out the required information. Command output can be redirected
to the log file.
Reference parameters:
Access (access) Read files
Modified (Modify) file contents modified
Property (attrib) file metadata is modified
Move moving file actions
Creating (Create) generating new files
Open (open) file operation
Closes (close) closes a file operation
Deleting file (delete)