I need your help with syslog columns.
Currently I have a script as follows: (extract)
A typical syslog message would be as follows:
Oct 22 07:35:14 hajsw202-0202.nls.jlrint.com 21453: Oct 22 06:35:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/19, changed state to down
The above Cut command is cutting fields 4 and 9 onwards, which would be the long hostname and error type and it's message content.
However, as I've recently added a few more message types for the script to extract;
i.e. Oct 21 15:00:49 covlsw01.nls.jlrint.com 2010 Oct 21 14:00:49 GMT +00:00 %SECURITY-1-PORTSHUTDOWN:Port 7/28 shutdown due to security violation
This new message has different field arrangements, where field 9 begins "GMT" rather than %SECURITY-1-PORTSHUTDOWN.
How can I update the script to say; if the message type is %SECURITY-1-PORTSHUTDOWN do, cut field 11 onwards instead of field 9 as at present?
Regards, Wynford
---------- Post updated at 07:58 AM ---------- Previous update was at 07:50 AM ----------
Hi all,
I've just thought that it may be better if I simply get the script to extract from the "%" character, as all of the messages begins with the "%" character when displaying the message type. So if I just cut from the "%" character then this should do it.
The question is. how do I cut or extract just field 4 and the "%" character onwards?
Regards, Wynford
Last edited by vbe; 10-22-2010 at 05:59 AM..
Reason: code tags please
I got my system sun fire 6800 hung later reboot after generating these message can any one help me on this to review these message..!!
nfssrv: WARNING: nfsauth upcall failed: RPC: Operation in progress
mountd: cannot accept connection: 19: error unknown (current state -1)
KAVE00166-W The... (13 Replies)
I read Unix network programming by richard,in chap12.3,it say if call syslog() by using parameter LOG_USER,it should write a message in /var/adm/messages in Solaris,such as "connected from 10.1.1.2",example file inet/daytimetcpsrv2.c.I want to know which syslog file in FreeBSD7.0?I look for... (1 Reply)
I am not a Unix / AIX admin, but am working with one that doesn't seem to know how to set up syslog to forward messages to me the way I need them. Every message they send me has "Message forwarded from <insert host name here>:" but I need it to only have the host name.
In the examples below,... (2 Replies)
Generally(at least on AIX5.3, Solaris9, OS X)'logger' command would create syslog messages which carry <login name> . On Solaris9, I have experienced two circumstances in which 'logname' command fails. In this circumstance I saw the 'logger' command generated syslog messages which carry... (0 Replies)
Hi all,
I need your help in sorting some columns in a syslog report.
The command is:
for messages in `cat syslog_message_list.txt`; do grep $messages syslog.`date +%d%m%y`.log | \
tr -s " " | cut -d" " -f4,9- | sort| uniq -c >> syslog.`date +%d%m%y`.report; done
The output is:
1... (4 Replies)
All thanks for the help in advance. I'm current have my syslog server built on RHEL5.7. I'm wondering how to I have the syslog messages categorized by hostname? Is that an option I can add to the syslog.conf? (1 Reply)
Hi. recently in many of our lpars we are getting a message in errpt as "C6ACA566 0315094014 U S dtc MESSAGE REDIRECTED FROM SYSLOG".
I have also checked the /etc/syslog.conf file. It doesn't point to error log.
Can someone please advise about how to fix this error ?
pmut3:/> errpt -aj... (4 Replies)
Hi All,
I am new to shell scripting. I have a requirement as part of my job to find out null/empty values in column 2 and column 3 from a CSV file and exit the further execution of script by displaying a simple error message.
I have developed a script to do this by reading various articles... (7 Replies)
Hello to everyone! I have a question about syslog.
I want put the messages of log in a particular file
but really i don't know how to do that or i don't get the results
that I want.
I do this:
#include <stdio.h>
#include <stdlib.h>
#include <syslog.h>
int main (void)
{
... (4 Replies)
Discussion started by: Kovalevski
4 Replies
LEARN ABOUT SUNOS
cut
cut(1) User Commands cut(1)NAME
cut - cut out selected fields of each line of a file
SYNOPSIS
cut -b list [-n] [file...]
cut -c list [file...]
cut -f list [-d delim] [-s] [file...]
DESCRIPTION
Use the cut utility to cut out columns from a table or fields from each line of a file; in data base parlance, it implements the projection
of a relation. The fields as specified by list can be fixed length, that is, character positions as on a punched card (-c option) or the
length can vary from line to line and be marked with a field delimiter character like <TAB> (-f option). cut can be used as a filter.
Either the -b, -c, or -f option must be specified.
Use grep(1) to make horizontal ``cuts'' (by context) through a file, or paste(1) to put files together column-wise (that is, horizontally).
To reorder columns in a table, use cut and paste.
OPTIONS
The following options are supported:
list A comma-separated or blank-character-separated list of integer field numbers (in increasing order), with optional - to
indicate ranges (for instance, 1,4,7; 1-3,8; -5,10 (short for 1-5,10); or 3- (short for third through last field)).
-b list The list following -b specifies byte positions (for instance, -b1-72 would pass the first 72 bytes of each line). When -b
and -n are used together, list is adjusted so that no multi-byte character is split.
-c list The list following -c specifies character positions (for instance, -c1-72 would pass the first 72 characters of each line).
-d delim The character following -d is the field delimiter (-f option only). Default is tab. Space or other characters with special
meaning to the shell must be quoted. delim can be a multi-byte character.
-f list The list following -f is a list of fields assumed to be separated in the file by a delimiter character (see -d ); for
instance, -f1,7 copies the first and seventh field only. Lines with no field delimiters will be passed through intact (use-
ful for table subheadings), unless -s is specified.
-n Do not split characters. When -b list and -n are used together, list is adjusted so that no multi-byte character is split.
-s Suppresses lines with no delimiter characters in case of -f option. Unless specified, lines with no delimiters will be
passed through untouched.
OPERANDS
The following operands are supported:
file A path name of an input file. If no file operands are specified, or if a file operand is -, the standard input will be
used.
USAGE
See largefile(5) for the description of the behavior of cut when encountering files greater than or equal to 2 Gbyte (2**31 bytes).
EXAMPLES
Example 1: Mapping user IDs
A mapping of user IDs to names follows:
example% cut -d: -f1,5 /etc/passwd
Example 2: Setting current login name
To set name to current login name:
example$ name=`who am i | cut -f1 -d' '`
ENVIRONMENT VARIABLES
See environ(5) for descriptions of the following environment variables that affect the execution of cut: LANG, LC_ALL, LC_CTYPE, LC_MES-
SAGES, and NLSPATH.
EXIT STATUS
The following exit values are returned:
0 All input files were output successfully.
>0 An error occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
|CSI |Enabled |
+-----------------------------+-----------------------------+
|Interface Stability |Standard |
+-----------------------------+-----------------------------+
SEE ALSO grep(1), paste(1), attributes(5), environ(5), largefile(5), standards(5)DIAGNOSTICS
cut: -n may only be used with -b
cut: -d may only be used with -f
cut: -s may only be used with -f
cut: cannot open <file> Either file cannot be read or does not exist. If multiple files are present, processing continues.
cut: no delimiter specified Missing delim on -d option.
cut: invalid delimiter
cut: no list specified Missing list on -b, -c, or -f option.
cut: invalid range specifier
cut: too many ranges specified
cut: range must be increasing
cut: invalid character in range
cut: internal error processing input
cut: invalid multibyte character
cut: unable to allocate enough memory
SunOS 5.10 29 Apr 1999 cut(1)