Piping output from cut

Question

I'm trying to write a script that uses the information inside a log file that continues to grow. Every log of the file is structured like this:

"Jun 20 09:56:01 Client root: ssh-rsa ...[rsa-key]... mario@Client"

I just need the last two informations for my script, the ssh-rsa key and the username, so I've tried this:

tail -f /var/log/newusers | egrep --line-buffered "ssh-rsa" | cut -d' ' -f7,8 

it was working so I added this because I needed to manipulate the information

| while read line ; do echo $line ; done

but it doesn't print anything. I'm using this as a workaround:

tail -f /var/log/newusers | egrep --line-buffered "ssh-rsa" | while read line ; do
    KEY=$(echo "$line" | cut -d' ' -f7)
    USER=$(echo "$line" | cut -d' ' -f8)
    echo "$USER"
done

but I want to understand why the first solution is not working because I think I'm missing some basic concept.

Answer 1

awk can filter by regexp and pipe fields to read placing values directly into variables. $USER is a built-in bash variable so it's not recommended to use it in scripts unless its meaning is preserved

tail -f /var/log/newusers \
| gawk '{ if($0 ~ /ssh-rsa/){ print $7,$8 } }' \
| while read rsa nuser; do 
    echo "new $nuser -> rsa: $rsa"
done

Result:

new mario@Client -> rsa: ...[rsa-key]...
new mario@Client2 -> rsa: ...[rsa-key]...
new mario@Client3 -> rsa: ...[rsa-key]...
new mario@Client4 -> rsa: ...[rsa-key]...
new mario@Client5 -> rsa: ...[rsa-key]...

Answer 2

Hi your first option did not work as you have used cut before while loop because cut will filtered one line at a time.

tail -f /var/log/newusers | egrep --line-buffered "ssh-rsa" | cut -d' ' -f7,8 | while read line ; do echo $line ; done

In your second option you have output all the filtered lines to while loop

tail -f /var/log/newusers | egrep --line-buffered "ssh-rsa" | while read line ; do