Search

Newsletter

Get our latest updates. Sign up with your email.

Popular Posts

Monitoring File or Directory Changes

3 min read
1 views
Monitoring File or Directory Changes

Brute Force Monitoring: The Simple, No‑Frills Approach

When you want to keep an eye on a directory but your operating system lacks a built‑in watcher, the most straightforward strategy is to poll the directory repeatedly. This method relies on basic shell utilities that almost every Unix‑like system ships with, so you can use it even on a minimal container or a remote server with no additional packages.

Imagine you need to detect any change in /tmp/watchdir. The classic pattern is to take a snapshot of the directory’s contents, wait a bit, take another snapshot, and compare the two. If the snapshots differ, a change has occurred. The simplest tools for the job are ls to list the directory and diff to spot differences. Below is a refined version of the classic loop, with a few tweaks that make it safer and easier to read.

Prompt
#!/usr/bin/env bash <h1>Basic polling watcher for /tmp/watchdir</h1> <p>WATCH_DIR="/tmp/watchdir"</p> <p>SLEEP_INTERVAL=5 # seconds between polls</p><h1>Create a temporary file to hold the previous snapshot</h1> PREV="$(mktemp)"</p><h1>Take the first snapshot</h1> ls -lR "$WATCH_DIR" > "$PREV"</p> <p>while true; do</p> <p> CUR="$(mktemp)" # temporary file for the current snapshot</p> <p> ls -lR "$WATCH_DIR" > "$CUR"</p> <p> if ! diff -q "$PREV" "$CUR" > /dev/null; then</p> <p> echo "[$(date '+%Y-%m-%d %H:%M:%S')] Directory changed!"</p> <p> # Here you could trigger a more elaborate action, such as</p> <p> # notifying a monitoring system or restarting a service.</p> <p> fi</p> <p> # Replace the previous snapshot with the current one</p> <p> rm "$PREV"</p> <p> PREV="$CUR"</p> <p> sleep "$SLEEP_INTERVAL"</p> <p>done</p>

Notice the use of mktemp to create unique temporary files and the -q option for diff so that only the exit status matters. The script runs indefinitely; you can stop it with Ctrl‑C or by killing the process.

There are a few edge cases that the simple script does not handle automatically:

  • Large directories: ls -lR can become expensive if the directory contains thousands of files. In that scenario, consider using find to list just the file names or metadata you care about.
  • Partial writes: When a large file is being created, ls may show the file immediately, even though the write is still in progress. To guard against reacting to incomplete data, you can add a check with lsof or fuser to confirm that no process has the file open for writing.
  • Permissions: If the script runs as a user who cannot read the directory contents, ls will fail. Ensure the user has the necessary rights or run the script as root if appropriate.

    Even though this brute‑force method may look old‑school, it often suffices for simple monitoring tasks. Its primary advantage is its ubiquity - no external dependencies, no system‑level configuration. The trade‑off is the overhead of running ls and diff on each iteration. For most small or medium‑sized directories, the impact is negligible, but for high‑frequency monitoring or very large directories, you might experience noticeable CPU usage or latency.

Tags

Suggest a Correction

Found an error or have a suggestion? Let us know and we'll review it.

Share this article

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!

Related Articles

Latest News