Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Script to grep if 404 error got generated in the log files in last 5 minutes
Top Forums UNIX for Beginners Questions & Answers Script to grep if 404 error got generated in the log files in last 5 minutes Post 303046317 by rbatte1 on Thursday 30th of April 2020 03:25:20 PM
Old 04-30-2020
Could you store a 'previous last line' value somewhere to use between runs? That way you could:-
  • Copy the log file to a temporary directory (to get a fixed file to work with)
  • Read the 'previous last line' value from your stored location
  • Count the lines in your copied file.
  • If the count is lower, you have rotated the log file, so set the 'previous last line' value to zero to read the whole file.
  • If the count was larger, read from the 'previous last line' value to the end of the file looking for the error message being logged.
  • Store the new 'last line' value in a file somewhere for the next run.
  • Tidy up your temporary file/directory.
Would that logic work for you?


Let us know if that helps, is totally wrong or if you get stuck.


I hope that this helps,
Robin
This User Gave Thanks to rbatte1 For This Post:
vgersh99
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Script to Grep column 3 from csv file generated yesterday

Hello, Can any one please assist how to scirpt it: Every day a new log file is create and I want to process only the one generated yesterday and get the data of column 3 and 6. For example today's date is 24 then I want to get the data of log file created on 23rd. Log Files in... (7 Replies)
Discussion started by: sureshcisco
7 Replies

2. Shell Programming and Scripting

Retrieve logs generated in last 10 mins from a log file using 'grep' command

HI All, I have a log file where the logs will be in the format as given below: 2011-05-25 02:32:51 INFO PROCESS STARTING 2011-05-25 02:32:52 INFO PROCESS STARTED . . . I want to retrieve only the logs which are less than 5 mins older than current time using grep... (3 Replies)
Discussion started by: rvhg16
3 Replies

3. Shell Programming and Scripting

Script to grep for a string in log files generated in last 15 minutes.

Dear Guru's I've a requirment to grep for a string in series of log files that are getting generated almost every minute. I'm looking to schedule a script every 15 mountes,in order to check if the error string has been generated in any of the log files generated in last 15 minutes. Please... (3 Replies)
Discussion started by: rajivatnova
3 Replies

4. Shell Programming and Scripting

Move all .log except those generated in the last 5 minutes

RHEL 5.8 In the directory /u03/pkms/app_logs I have several hundreds of log files as shown below. $ pwd /u03/pkms/app_logs $ ls -alrt *.log | tail -50 -rw-r----- 1 oracle dba 9439232 May 4 13:57 mvtpcem_1_722892404_94157.log -rw-r----- 1 oracle dba 9227264 May 4 13:57... (8 Replies)
Discussion started by: kraljic
8 Replies

5. Shell Programming and Scripting

Grep last 30 minutes log only

I have below command, which i use for checking last two hours log file, but i want to check 30 minutes log and discard old log, only match current time with last 30 minutes. Command i am using. This below attach log file format is for this week, but sometime it got change in time of log, so i need... (6 Replies)
Discussion started by: learnbash
6 Replies

6. Shell Programming and Scripting

How to capture hostnames or ip address in the log files generated?

Team, I have prepared a script which I run from my remote machine(Jump-box)server Below is the script FILEDATE=`date +%F` LOGFILE=/home/abc/scripts/xyz.$FILEDATE.log find /home/abc/scripts/xyz.*.log -type f -mtime -3 -delete touch $LOGFILE exec 1>$LOGFILE 2>&1 #healthcheck batch runs... (1 Reply)
Discussion started by: whizkidash
1 Replies

7. Web Development

How to log http 404 error to a separate log file?

Apache Web Server: how to log http 404 error to a separate log file and i do not want to log in access.log please advice. (2 Replies)
Discussion started by: raghur77
2 Replies

8. Shell Programming and Scripting

Grep last 2 minutes log only

I have newbie, which i use for checking last one hours log file, but i want to check 2 minutes log and discard old log, only match current time with last 2 minutes. Ex log. 2018-07-03 20:09:17 2018-07-03 20:05:17 2018-07-03 20:05:18 2018-07-03 20:05:20 2018-07-03 20:06:22 2018-07-03... (5 Replies)
Discussion started by: ooilinlove
5 Replies

9. Shell Programming and Scripting

Grep a log file for the last 5 minutes of contents every 5 minutes

Hi all, System Ubuntu 16.04.3 LTS i have the following log INFO 2019-02-07 15:13:31,099 module.py:700] default: "POST /join/8550614e-3e94-4fa5-9ab2-135eefa69c1b HTTP/1.0" 500 2042 INFO 2019-02-07 15:13:31,569 module.py:700] default: "POST /join/6cb9c452-dcb1-45f3-bcca-e33f5d450105... (15 Replies)
Discussion started by: charli1
15 Replies

10. UNIX for Beginners Questions & Answers

Error Code Generated by Script

Hi, I have written a script with several variables derived from here documents. However, when I run the following code, the exit status becomes 1: BMC_ACEs="Rich" read -r -d '' BMC_ACL <<EOF ### ### ACL Rack01-BMCMgmt_IN ### $BMC_ACEs EOF If I then type echo $?, it displays a 1. ... (4 Replies)
Discussion started by: richmaxw
4 Replies

LEARN ABOUT DEBIAN

tigercron

TIGERCRON(8)						      Administrator Commands						      TIGERCRON(8)

NAME

       tigercron - Cron utility for Tiger UNIX Security Checker

SYNOPSIS

       tigercron [controlfile] [-B basedir] [tigeroptions...]

DESCRIPTION

       Tigercron  is used to run periodically checks from the Tiger UNIX Security Checker. Tigercron reads a control file which is usually located
       in '/etc/tiger/cronrc' although it can also be specificied as the first argument when calling the program.  The format of this control file
       is  the	same as for the cron program, each line indicates when different checks from Tiger will be run.  The user can indicate where Tiger
       is installed through the -B basedir parameter, any other additional options provided in the command line will be passed on to configure	to
       configure Tiger based on them (as described in tiger (8)).

       Tigercron  runs	the specified checks and compares their reports with previous stored reports (under /var/log/tiger). It will then mail the
       user defined in '/etc/tiger/tigerrc' (Tiger_Mail_RCPT) the results.

       When a module is run, tigercron checks:

       o   If Tiger_Cron_Template is set to Y in tigerrc. If it is, it checks if there is a template stating which are the expected results.

       o   If Tiger_Cron_CheckPrev is set to Y in tigerrc. If it is, it checks if there is a previous run of the module it can check against.

       A differential report is generated depending on the module reports and previous run and is sent through e-mail. These  reports  provide	an
       easy  way to detect intrusions even if no configuration of templates has been done. In the event of an intrusion a Tiger check might detect
       something specific (file changes, new processes, new users, etc.) and this alert mechanism provides a way to turn Tiger into a Host  Intru-
       sion Detection System (HIDS).

       The ability of it to work as a proper HIDS is based on a good customization of the cronrc file. Modules that check events to which the host
       is most exposed to should be run often in order to detect deviations from normal behaviour.

OPTIONS

       Tigercron uses the same options as Tiger. A controlfile can be defined also to override the default.

FILES

       /etc/tiger/tigerrc
	      Configuration file for the Tiger tool.

       /etc/tiger/cronrc
	      Configuration file for the Tigercron tool.

       /var/log/tiger
	      Location of the log messages generated by Tiger when run through cron

       /var/lib/tiger/work
	      Working directory used by Tiger scripts to create temporary files.

SEE ALSO

       tigexp(8),tiger(8),cron(8),crontab(5)

       The deficiencies of using tigercron as a HIDS are described in the file README.hostids which  is  provided  with  the  package.	In  Debian
       GNU/Linux you will find this (and other related) documentation at /usr/share/doc/tiger/

BUGS

       Currently  Tigercron  has only one alert mechanism (mail) and signatures are not supported. Thus, alerts could be faked. Also, it is depen-
       dant on cron and will not work if cron is not working.

AUTHOR

       This manpage was written by Javier Fernandez-Sanguino.

Security							 19 September 2003						      TIGERCRON(8)
All times are GMT -4. The time now is 07:53 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy