need help with script


 
# 1  
Old 07-07-2007

I have created a log file to attempt to alert myself if root or oracle directly logs into a server. I want to create a script that will check this log file every 30 minutes and if it finds one, send an alert. I can do everything but cannot figure out what combination of grep will work. My sticking point is with the hour and that I don't want more than one alert per hour.

root Fri Jul 6 10:58:34 2007
root Fri Jul 6 12:08:23 2007
root Fri Jul 6 12:08:25 2007
root Fri Jul 6 13:40:25 2007
root Fri Jul 6 14:09:57 2007
root Fri Jul 6 17:09:34 2007
root Fri Jul 6 18:03:10 2007
root Fri Jul 6 19:04:49 2007
root Fri Jul 6 19:04:57 2007
root Sat Jul 7 18:36:06 2007

Please help. I am ready to scream!
# 2  
Old 07-07-2007
I am sure you are looking for a more elegant solution, but trying to see if I can do anything.

I guess obviously you can run this at the top of the hour once and just increase the value for sleep time

but I am sure our forum gurus will come up with something nice for you. I am waiting to see so that I can learn as well!

Code:
#!/bin/bash
set +x
i=1
something=root

echo starting...

while [ "$i" -lt 3 ]   #(( $i < 3 )) 
    do
      I=`grep $something abc.log`
      echo trying to see if root has logged on this hour
      if [ -n "$I" ]
           then
              echo root has logged on
              exit 0
      elif [ "$i" -eq 1 ]
           then
             sleep 5
             echo sleeping for 5 sec
      fi
echo out of if loop
let i+=1
done

# 3  
Old 07-09-2007
Code:
mLogFile='your_log_file'
set -- `egrep 'root' | tail -1 $mLogFile`
mLastMonth=$3
mLastDay=$4
mLastHour=`echo $5 | cut -f1 -d':'`
tail -1f $mLogFile | \
while read mCurr
do
  mRoot=`echo $mCurr | egrep -c 'root'`
  if [ "$mRoot" = "0" ]; then
    continue
  fi
  set -- $mCurr
  mCurrMonth=$3
  mCurrDay=$4
  mCurrHour=`echo $5 | cut -f1 -d':'`
  if [ "$mCurrMonth" != "$mLastMonth" -o  \
       "$mCurrDay"   != "$mLastDay"   -o  \
       "$mCurrHour"  != "$mLastHour" ]; then
    echo "Found new login: "$mCurr
  fi
  mLastMonth=$mCurrMonth
  mLastDay=$mCurrDay
  mLastHour=$mCurrHour
done

# 4  
Old 07-10-2007
sorry... I must be doing something wrong

root@gs091# ./test.sh
mLogFile=/tmp/directoutput.txt
+ egrep root
+ tail -1 /tmp/directoutput.txt
mLastMonth=$3
mLastDay=$4
mLastHour=
tail: cannot open input
./test.sh: syntax error at line 4: `end of file' unexpected
+ set -- echo
+ [ = 0 ]
+ set --
mCurrMonth=
mCurrDay=
mCurrHour=
./test.sh: syntax error at line 6: `done' unexpected
root@gs091# + egrep -c rootecho


I added #!/bin/sh to the top of the file.

Any ideas?
# 5  
Old 07-10-2007
Offhand, probably one error and possibly a transcription error.

Code:
mLogFile='your_log_file'
set -- `egrep 'root' $mLogFile | tail -1`
mLastMonth=$3
mLastDay=$4
mLastHour=`echo $5 | cut -f1 -d':'`
# make sure you don't have any spaces after the \
tail -1f $mLogFile | \
while read mCurr
do
  mRoot=`echo $mCurr | egrep -c 'root'`
  if [ "$mRoot" = "0" ]; then
    continue
  fi
  set -- $mCurr
  mCurrMonth=$3
  mCurrDay=$4
  mCurrHour=`echo $5 | cut -f1 -d':'`
  if [ "$mCurrMonth" != "$mLastMonth" -o  \
       "$mCurrDay"   != "$mLastDay"   -o  \
       "$mCurrHour"  != "$mLastHour" ]; then
    echo "Found new login: "$mCurr
  fi
  mLastMonth=$mCurrMonth
  mLastDay=$mCurrDay
  mLastHour=$mCurrHour
done
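
A cron-oriented alternative to the `tail -f` loop above, as an added example that is not part of any poster's script: it records each user/date/hour bucket it has already reported in a state file, so a job run every 30 minutes alerts at most once per hour. The function name `new_login_hours` and the state-file argument are assumptions; the log format is the one shown in the first post.

```shell
#!/bin/sh
# Added example (not from the thread). Log line format, as in post #1:
#   user Dow Mon D HH:MM:SS YYYY
# Usage (hypothetical paths): script.sh /tmp/directoutput.txt /var/tmp/direct_login.seen

# Print the first login line of every user/date/hour bucket that has not
# been reported before, and remember the bucket in the state file.
new_login_hours() {
    log=$1
    state=$2
    touch "$state" || return 1
    awk -v state="$state" '
        # First input: buckets already alerted on in earlier runs.
        FILENAME == state { seen[$0] = 1; next }
        # Second input: the login log. Compare the account field exactly,
        # so a name that merely contains "root" is not matched the way
        # a plain grep for root would match it.
        ($1 == "root" || $1 == "oracle") && NF == 6 {
            split($5, t, ":")                  # t[1] is the hour
            key = $1 " " $6 " " $3 " " $4 " " t[1]
            if (!(key in seen)) {
                seen[key] = 1
                print                          # first login in a new bucket
                print key >> state             # persist for the next cron run
            }
        }
    ' "$state" "$log"
}

# Runs only when called with both paths, e.g. from cron every 30 minutes.
if [ $# -eq 2 ]; then
    alerts=$(new_login_hours "$1" "$2") || exit 1
    # Pipe this to the mailer or pager of your choice; delivery is left out here.
    [ -z "$alerts" ] || printf 'Direct login detected:\n%s\n' "$alerts"
fi
```

Because the state file holds buckets rather than a line offset, log rotation or a re-run within the same hour does not produce a duplicate alert.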

# 6  
Old 07-10-2007
That got me much further!

root@gs091# ./test.sh
mLogFile=/tmp/directoutput.txt
+ tail -1 /tmp/directoutput.txt
+ egrep root
+ set -- root Tue Jul 10 18:19:30 2007
mLastMonth=Jul
mLastDay=10
+ echo 18:19:30
+ cut -f1 -d:
mLastHour=18
+ tail -1f /tmp/directoutput.txt
+ read mCurr
+ echo root Tue Jul 10 18:19:30 2007
+ egrep -c root
mRoot=1
+ [ 1 = 0 ]
+ set -- root Tue Jul 10 18:19:30 2007
mCurrMonth=Jul
mCurrDay=10
+ echo 18:19:30
+ cut -f1 -d:
mCurrHour=18
+ [ Jul != Jul -o 10 != 10 -o 18 != 18 ]
+ read mCurr