I'm using Solaris 10 and would like to know how I can monitor the /var/adm/messages file for certain message types, and email them upon detection.
For example, I want to immediately email the IP-4-DUPADDR message as soon as it's generated so that people can respond to it ASAP.
I cannot find a IP-4-DUPADDR message right now, but another message that I would like to alert on is DUAL-5-NBRCHANGE. See below an example sent by a Cisco router with a logging level of "5" (Notice). The network syslog messages are constantly being written to the messages file, and I want to immediately alert on particular messages such as; DUAL-5-NBRCHANGE, IP-4-DUPADDR, etc.
hajwrs02.nls.jlrint.com %DUAL-5-NBRCHANGE: IP-EIGRP 521: Neighbor 10.224.32.45 (GigabitEthernet3/16) is up: new adjacency
Regards, Wynford
---------- Post updated at 10:44 AM ---------- Previous update was at 07:44 AM ----------
Hi all,
I suppose I can use an infinite While loop to do it.
I have a request to alert on the following message types:
DUAL-5-NBRCHANGE
IP-4-DUPADDR
STANDBY-3-DUPADDR
I just need an example script to use to search the messages file for the above message patterns and then email them to the users.
I have tried this script but it's not working:
Code:
while :
do
tail -f /var/adm/messages | grep RTD-1-ADDR_FLAP | mailx -r Syslog -s "Syslog Address Flaps" <email_address>
done
Location: Asia Pacific, Cyberspace, in the Dark Dystopia
Posts: 19,118
Thanks Given: 2,351
Thanked 3,359 Times in 1,878 Posts
There are thousands of examples of code on this site that searches a file and performs some pattern matching. If you search the site, you will find plenty of examples.
I've searched the site for a suitable while loop command, but couldn't find one to suit that I can understand.
Please can someone help me out here, I'm sure it's simple for someone out there, I'm not familiar with the while loop and so cannot interpret what I'm reading in the many scripts I've come across.
This is what I've got so far, but do not want it to repeat if a new message is not detected or is the same, only unique one's needed:
Code:
while true
do
cat /var/adm/messages | grep RTD-1-ADDR_FLAP | tail -1
sleep 10
done
Output at the moment, but need it to not repeat, but to be unique:
Nov 2 11:49:02 cbjsw205-1103.nls.jlrint.com 60577: Nov 2 11:49:01: %RTD-1-ADDR_FLAP: FastEthernet0/9 relearning 7 addrs per min
Nov 2 11:49:02 cbjsw205-1103.nls.jlrint.com 60577: Nov 2 11:49:01: %RTD-1-ADDR_FLAP: FastEthernet0/9 relearning 7 addrs per min
Nov 2 11:49:02 cbjsw205-1103.nls.jlrint.com 60577: Nov 2 11:49:01: %RTD-1-ADDR_FLAP: FastEthernet0/9 relearning 7 addrs per min
Nov 2 11:49:02 cbjsw205-1103.nls.jlrint.com 60577: Nov 2 11:49:01: %RTD-1-ADDR_FLAP: FastEthernet0/9 relearning 7 addrs per min
Nov 2 11:49:02 cbjsw205-1103.nls.jlrint.com 60577: Nov 2 11:49:01: %RTD-1-ADDR_FLAP: FastEthernet0/9 relearning 7 addrs per min
Location: Asia Pacific, Cyberspace, in the Dark Dystopia
Posts: 19,118
Thanks Given: 2,351
Thanked 3,359 Times in 1,878 Posts
I always write these types of scripts in PHP these days, so perhaps someone else can help who wants to write this in the shell script of your choice... which is?
The `bash` below uses the oldest folder in the specified directory and logs it. The goes though an analysis process and creates a log. My problem is that if there are 3 folders in the directory folder1,folder2,folder3, the bash is using folder2 for the analysis eventhough folder1 is the oldest... (0 Replies)
Write a program using select, which will create some number of child processes that continuously send text messages to the parent process using pipes. Each child has its own pipe that it uses to communicate with the parent. The parent uses select () to decide what pipes should be processed to... (1 Reply)
Hi
All of a sudden the syslog daemon in the server went down and then later I started it manually
# ps -ef | grep syslogd
root 217228 114906 0 Nov 16 - 0:00 /usr/sbin/syslogd
root 430306 290870 0 14:18:11 pts/0 0:00 grep syslogd
Can some one help me with a script which will monitor the... (2 Replies)
Hi,
My boss has suddenly started receiving 1000s of messages in his inbox. They are undelivered messages that are bouncing back, though the emails weren't coming from him. I guess either these are fake undelivered messages and are just scam emails. Or they are real emails being sent with spoofed... (1 Reply)
Dear list
its my first post and i would like to greet everyone
What i would like to do is select records 7 and 11 from each files in a folder then run an executable inside the script for the selected parameters.
The file format is something like this
7 100 200
7 100 250
7 100 300 ... (1 Reply)
Hi friends
I have syslog-ng installed in RHEL5 server, I make it as CEntral log for all servers in my network, Filtered by IP
Now What I want to do is make it send to me an email for a specific log for one of my server, In other word when any log sent from this IP (192.168.1.1 ) For... (4 Replies)
These are some of the mail command:
Usage:
? print this help message
# display message number #
- print previous
+ next (no delete)
! cmd execute cmd
<CR> next (no delete)
a position at and read... (5 Replies)
