Is there a BASH script allowing me to grep specifics from /var/log/messages?
Post 302995006 by Don Cragun on Thursday 30th of March 2017 01:47:21 PM
Quote:
Originally Posted by vgplayer54
Sorry for not being overly clear - what I am attempting to do is run traffic through my network on a variety of different ports (i.e. HTTP traffic on port 80, SMTP on port 143, MySQL on port 1306, etc). Then, I will be asked a variety of questions including as an example: "Show me all MySQL traffic that went through your network on March 27 between 12:30pm and 12:35pm". This is what I need the script to do: I enter the name of the script on the command line followed by variables that specify the requested information. (i.e. myscript Mar 27 12:30:00 12:35:00 port=1306) and it will display all MySQL traffic on that date between those times from the /var/log/messages file. Will the above posted script be able to do this? I am... not very good at scripting awk, not sure where to use that or how to make it work for port numbers.

Also you mentioned the INPUT-DROPPED and FORWARD-ACCEPTED before from my first script, those are just chains within my iptables. I do not think they should be related to the script as it would be locating all network traffic, both dropped and accepted.
I don't care whether or not you know awk (although I would hope that you are making an attempt to learn how to use it if you want to process the types of data you're asking us to help you learn how to handle). But, I do expect you to be able to answer questions about your data and I expect you to be able to describe how you want to process your data.
  1. Given your data (which you provided in post #4 in this thread), please show us where the port number you want to use to select records is located within those records.
  2. If you want to select records based on chains, please explain how a chain is identified in your data.
  3. The code you showed us used case-insensitive searches, but there doesn't seem to be any inconsistency in case in your data. Do you need case-insensitive search capabilities?
  4. When you pass search criteria to your script, do you expect the script to treat those criteria as regular expressions or as fixed strings?
I can almost write awk scripts in my sleep, but I can't write a script to process data in any language if I don't understand what it is that I'm trying to do.
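
One way to implement the requested filter, added here as an example and not code from either poster. It assumes the records are iptables LOG lines in syslog format carrying a DPT= destination-port field, and it treats the criteria as case-sensitive fixed strings; the function name filter_fw, the host name gw and the abbreviated sample lines are constructed for illustration.

```bash
#!/bin/bash
# Usage: filter_fw MON DAY START END port=N [FILE]   (FILE "-" reads stdin)
# The ( ) body runs in a subshell: variables stay local, exit ends only the function.
filter_fw() (
    mon=$1 day=$2 start=$3 end=$4 port=${5#port=} file=${6:-/var/log/messages}
    # Accept only a plain number and HH:MM:SS times; the arguments are then
    # compared as fixed strings and never interpreted as regular expressions.
    case $port in ''|*[!0-9]*) echo "bad port: $5" >&2; exit 2 ;; esac
    for t in "$start" "$end"; do
        case $t in
            [0-2][0-9]:[0-5][0-9]:[0-5][0-9]) ;;
            *) echo "bad time: $t" >&2; exit 2 ;;
        esac
    done
    awk -v mon="$mon" -v day="$day" -v s="$start" -v e="$end" -v want="DPT=$port" '
        # syslog prefix: $1 = month, $2 = day of month, $3 = HH:MM:SS
        $1 != mon || $2 + 0 != day + 0 { next }
        # zero-padded times order correctly when compared as strings
        $3 < s || $3 > e { next }
        # whole-field, case-sensitive match so DPT=1306 does not hit DPT=13060
        { for (i = 4; i <= NF; i++) if ($i == want) { print; next } }
    ' "$file"
)

# Constructed, abbreviated sample lines in iptables LOG layout (not the poster's data).
sample_log() {
    cat <<'EOF'
Mar 27 12:29:59 gw kernel: INPUT-DROPPED IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40112 DPT=1306
Mar 27 12:30:00 gw kernel: FORWARD-ACCEPTED IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40113 DPT=1306
Mar 27 12:31:40 gw kernel: FORWARD-ACCEPTED IN=eth0 OUT=eth1 SRC=192.0.2.11 DST=198.51.100.5 PROTO=TCP SPT=1306 DPT=80
Mar 27 12:33:05 gw kernel: INPUT-DROPPED IN=eth0 OUT= SRC=192.0.2.12 DST=192.0.2.1 PROTO=TCP SPT=40200 DPT=13060
Mar 27 12:35:00 gw kernel: INPUT-DROPPED IN=eth0 OUT= SRC=192.0.2.13 DST=192.0.2.1 PROTO=TCP SPT=40201 DPT=1306
Mar 28 12:31:00 gw kernel: INPUT-DROPPED IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40300 DPT=1306
EOF
}

# The invocation from the quoted post, run against the sample lines.
sample_log | filter_fw Mar 27 12:30:00 12:35:00 port=1306 -
```

Both window boundaries are inclusive, and records from either chain are returned because the chain prefix is not part of the match.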