You could read the log in real time with tail -f if that helps. Beyond this, you may need to keep an old version and compare them. Using diff can be awkward because it adds editing messages if you are to shovel the output into ed, so perhaps you would be better to count the lines in your saved version and then get extra lines from the current file, something like:-
I've added the temporary log file so that messages can still be added to the main logfile as you are working on it without it skewing the output, so it gives you a fixed reference point.
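
Added example, not part of the original post (the post's own snippet is not present on this page): one way to implement the line-count approach described above, including the temporary snapshot as a fixed reference point. The function name `new_log_lines` and its two file arguments are assumptions, and the truncation check goes slightly beyond what the post describes.

```shell
#!/bin/sh
# Added example: print only the lines appended to a log since the previous run.
# Usage: new_log_lines LOGFILE SAVED_COPY   (both names are hypothetical)
new_log_lines() {
    log=$1
    saved=$2

    # mktemp creates the snapshot with mode 0600, so the copy of the log
    # is not readable by other users.
    snap=$(mktemp "${TMPDIR:-/tmp}/logsnap.XXXXXX") || return 1

    # Freeze the log: lines written while we work land in the real file,
    # not in the snapshot, so the counts below cannot be skewed.
    cp "$log" "$snap" || { rm -f "$snap"; return 1; }

    old=0
    [ -f "$saved" ] && old=$(wc -l < "$saved")
    new=$(wc -l < "$snap")
    # Normalise the padding some wc implementations add.
    old=$((old + 0))
    new=$((new + 0))

    if [ "$new" -lt "$old" ]; then
        # Fewer lines than last time: the log was rotated or truncated.
        # Report the whole file rather than silently missing entries.
        cat "$snap"
    elif [ "$new" -gt "$old" ]; then
        # Print everything after the last line seen on the previous run.
        tail -n +"$((old + 1))" "$snap"
    fi

    # The snapshot becomes the reference point for the next run.
    mv "$snap" "$saved"
}

# Run directly when called with two arguments.
if [ "$#" -eq 2 ]; then
    new_log_lines "$1" "$2"
fi
```

A log that is rotated and then grows past its previous line count before the next run is not detected by line counting alone; run the check more often than the log rotates.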
logwatch
LOGWATCH(8) User Manuals LOGWATCH(8)
NAME
logwatch - system log analyzer and reporter
SYNOPSIS
logwatch [--detail level ] [--logfile log-file-group ] [--service service-name ] [--print] [--mailto address ] [--archives] [--range range ]
[--debug level ] [--save file-name ] [--logdir directory ] [--hostname hostname ] [--help|--usage]
DESCRIPTION
LogWatch is a customizable, pluggable log-monitoring system. It will go through your logs for a given period of time and make a report in
the areas that you wish with the detail that you wish. Easy to use - works right out of the package on almost all systems.
OPTIONS
--detail level
This is the detail level of the report. level can be high, med, low.
--logfile log-file-group
This will force LogWatch to process only the set of logfiles defined by log-file-group (i.e. messages, xferlog, ...). LogWatch will
therefore process all services that use those logfiles. This option can be specified more than once to specify multiple logfile-groups.
--service service-name
This will force LogWatch to process only the service specified in service-name (i.e. login, pam, identd, ...). LogWatch will therefore
also process any log-file-groups necessary to process these services. This option can be specified more than once to specify
multiple services to process. A useful service-name is All which will process all services (and logfile-groups) for which you have
filters installed.
--print
Print the results to stdout (i.e. the screen).
--mailto address
Mail the results to the email address or user specified in address.
--archives
Each log-file-group has basic logfiles (i.e. /var/log/messages) as well as archives (i.e. /var/log/messages.? or /var/log/messages.?.gz).
This option will make LogWatch search through the archives in addition to the regular logfiles. The entries must
still be in the proper date range (see below) to be processed, however.
--range range
You can specify a date-range to process. This option is currently limited to only Yesterday, Today and All.
--debug level
For debugging purposes. level can range from 0 to 100. This will really clutter up your output. You probably don't want to use
this.
--save file-name
Save the output to file-name instead of displaying or mailing it.
--logdir directory
Look in directory for log files instead of the default directory.
--hostname hostname
Use hostname for the reports instead of this system's hostname. In addition, if HostLimit is set in /etc/log.d/logwatch.conf, then
only logs from this hostname will be processed (where appropriate).
--usage
Displays usage information
--help
Same as --usage.
FILES
/etc/log.d/logwatch.conf
Really a symlink to /etc/log.d/conf/logwatch.conf. This file sets the default values of all the above options. These defaults are
used when LogWatch is called without any parameters (i.e. from cron.daily). The file is well-documented, but the explanations above
also apply to this config file.
/etc/log.d/conf/services/*
Configuration files for the various services whose log entries LogWatch can process.
/etc/log.d/conf/logfiles/*
Configuration files for the various logfiles that the above service's log entries are stored in.
/etc/log.d/scripts/shared/*
Filters common to many services and/or logfiles.
/etc/log.d/scripts/logfiles/*
Filters specific to just particular logfiles.
/etc/log.d/scripts/services/*
Actual filter programs for the various services.
EXAMPLES
logwatch --service ftpd-xferlog --range all --detail high --print --archives
This will print out all FTP transfers that are stored in all current and archived xferlogs.
logwatch --service pam_pwdb --range yesterday --detail high --print
This will print out login information for the previous day...
MORE INFORMATION
For information on adding your own filter, please see the file HOWTO-Make-Filter which should have been included with Logwatch. If you
installed from an RPM, it is probably under /usr/share/doc/logwatch-XXX.
BUGS
The --range option is very weak... this will be fixed in the future.
AUTHOR
Kirk Bauer <kirk@kaybee.org>
http://www.kaybee.org/~kirk
ftp://ftp.kaybee.org/pub/redhat/RPMS
Linux MARCH 1998 LOGWATCH(8)