12-21-2012
Monitor log entries in log files with no Date format? - Efficient logcheck?
Is there a way to efficiently monitor logfiles that do not have a date or time format? I have several logs on several different servers that need to be monitored, but I realized writing a script for this would be very complex and time consuming given the variety of things I need to check for, i.e. check if the log file exists, check if the log has read permissions, check strings, etc.
I know log file monitoring is essential on basically all UNIX systems. My question is, what method are some of you using, and which ones are the easiest to set up and use? And to go back to my first question, how do you monitor the logs that simply do not have a date and time in them?
OS: linux, sunos, hpux, aix
bash/sh
logcheck-test(1) General Commands Manual logcheck-test(1)
NAME
logcheck-test - test new logcheck rules easily
SYNOPSIS
logcheck-test [-q|-i] [-a|-s|-l FILE] [-e] [-P PREFIX] [-S SUFFIX] RULE
logcheck-test [-q|-i] [-a|-s|-l FILE] -r RULEFILE
DESCRIPTION
logcheck-test parses a log file for matching lines specified by a single rule or a rule file. If using a single RULE you can set a PREFIX
and a SUFFIX to write new rules easily.
OPTIONS
-h, --help
Show usage information
-a, --auth.log
Parse /var/log/auth.log for matching lines
-s, --syslog
Parse /var/log/syslog for matching lines
-l, --log-file FILE
Parse FILE for matching lines
-i, --invert-match
Show lines that don't match the RULE or the RULEFILE
-q, --quiet
Suppress rule summary at the end of output
-e, --surround-rule
Surround RULE with standard prefix and suffix:
^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ RULE$
-P, --append-prefix PREFIX
Append PREFIX to rule prefix. Option can be given multiple times
-S, --prepend-suffix SUFFIX
Prepend SUFFIX to rule suffix. Option can be given multiple times
-r, --rule-file RULEFILE
Use file RULEFILE for rule input
EXAMPLES
With logcheck-test you can easily write and test new rules.
Test a single rule against /var/log/syslog:
logcheck-test -s "RULE"
Test a single rule against ~/log, surround the rule with standard prefix and suffix and append "kernel " to prefix:
logcheck-test -l ~/log -e -P "kernel " "RULE"
Test the rules in rulefiles/linux/ignore.d.server/kernel against ~/log:
logcheck-test -l ~/log -r rulefiles/linux/ignore.d.server/kernel
Test which lines the rules in rulefiles/linux/ignore.d.server/kernel don't match:
logcheck-test -l ~/log -r rulefiles/linux/ignore.d.server/kernel -i
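The following is an added example, not part of the logcheck manual: it emulates with grep -E the pattern that -e builds, to show why a rule surrounded with the standard prefix cannot match a log line that has no syslog timestamp, and how the same rule is anchored for such a log. The function names and log lines are constructed, and the way -P and -S compose with the standard prefix and suffix is assumed from the option descriptions above.

```shell
#!/bin/sh
# Added example: emulate the pattern "logcheck-test -e" builds, using grep -E.
# STD_PREFIX/STD_SUFFIX are copied from the -e description in the manual;
# function names and the sample log lines are constructed for illustration.

STD_PREFIX='^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ '
STD_SUFFIX='$'

# surround_rule RULE [PREFIX] [SUFFIX]
# Assumed order: standard prefix, extra PREFIX (-P), rule, extra SUFFIX (-S), "$".
surround_rule() {
    printf '%s%s%s%s%s\n' "$STD_PREFIX" "${2:-}" "$1" "${3:-}" "$STD_SUFFIX"
}

# count_matches PATTERN FILE -> number of matching lines.
# grep exits 1 on "no match"; treat that as success, keep real errors (>1).
count_matches() {
    grep -E -c -- "$1" "$2" || [ $? -eq 1 ]
}

# Constructed sample: two syslog-style lines and two lines with no timestamp.
sample_log() {
    cat <<'EOF'
Dec 21 09:14:02 web01 kernel: eth0: link up
Dec  3 09:14:07 web01 sshd[2211]: Accepted publickey for deploy
eth0: link up
ERROR connection pool exhausted
EOF
}

demo() {
    log=$(mktemp) || return 2
    sample_log > "$log"
    rule='eth0: link (up|down)'
    # Like -e with -P "kernel: ": only the timestamped kernel line can match.
    dated=$(count_matches "$(surround_rule "$rule" 'kernel: ')" "$log")
    # For a log without timestamps, anchor the bare rule yourself (no -e).
    undated=$(count_matches "^${rule}\$" "$log")
    # Standard prefix alone: how many lines are syslog-shaped at all?
    shaped=$(count_matches "$STD_PREFIX" "$log")
    rm -f "$log"
    echo "$dated $undated $shaped"
}

demo   # prints: 1 1 2
```

The third number is a quick check on an unfamiliar log: if the standard prefix matches no lines, rules for that file have to be written and tested without -e.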
EXIT STATUS
On successful matching logcheck-test will complete with exit code 0. An exit code of 1 indicates no successful matching.
An exit code greater than 1 indicates an error occurred. Textual errors are written to the standard error stream.
SEE ALSO
logcheck(8)
AUTHOR
logcheck is developed by Debian logcheck Team at alioth: http://alioth.debian.org/projects/logcheck/. This manual was written by Hannes von
Haugwitz <hannes@vonhaugwitz.com>.
Feb 19, 2010 logcheck-test(1)