Help with Grep


 
# 1  
Old 10-13-2011
Help with Grep

Hello,

I'm trying to send an email alert when any error is captured in the log file.
The log file is getting updated every second with multiple lines. I'm planning to grep the error message and send the alert email.
I have scheduled the script in crontab to run every 5 mins.
But the alert is being sent for historical errors also. How can I set up the script so that the email alert is sent only for the latest error entry in the log file and not for historic ones?
# 2  
Old 10-13-2011
Only you can answer that question: we have no idea what your logfile looks like...
Where is the last entry (beginning or end of file... ), what is the size of an entry (1 or many lines... fixed size or variable etc)
# 3  
Old 10-13-2011
It's a single log file which is getting updated 24*7. It's about 120 MB.
Every second, entries are getting appended to the log file.
Log entry looks like

Code:
*** NEW CONNECTION ATTEMPT STARTING AT 2011/09/26 21:35:37 SID 2215 21:35:37.776 message from core: MFI 31 SID 2215 
21:35:37.776 creating new child process to handle this message
21:35:37.776 table entry created for child process 20880
21:35:37.776 1 child proc21:35:37.ess currently registered
776 pid 20880: process started
21:35:37.776 pid 20880: child process signal handlers installed
21:35:37.776 pid 20880: protocol 00h
21:35:37.776 pid 20880: Trans info MFI 31 SID 2215 Trans No 747469
21:35:37.796 pid 20868: comms buffer freed
21:35:37.976 pid 20880: Unexpected out-of-band data signal received
21:35:37.976 pid 20880: process is stopping
21:35:37.976 pid 20880: error sent to parent
21:35:37.976 error response received from child 20880
21:35:37.976 removed table entry for child 20880
21:35:37.976 0 child processes currently registered
21:35:37.976 sending message to core
21:35:37.976 trying 100000 times for flags 00h to clear to zero
21:35:37.976 flags have cleared to 00h
21:35:37.976 have set flags to 01h, this driver's flag is 01h
21:35:37.976 have successfully set flags to 01h
21:35:37.976 received message notification from core (signal 16)
21:35:37.976 ignoring message because MFI is not 31 (MFI is 33)
21:35:37.986 pid 20875: comms buffer freed
21:35:38.586 pid 20878: comms buffer freed
21:35:38.786 pid 20879: comms buffer freed
21:35:38.806 pid 20868: process now stopped
21:35:38.816 Child process (20868) terminated gracefully
21:35:38.986 pid 20880: comms buffer freed
21:35:38.996 pid 20875: process now stopped
21:35:39.806 Child process (20879) terminated gracefully
21:35:39.996 pid 20880: process now stopped
21:35:40.006 Child process (20880) terminated gracefully
21:36:06.986 received message notification from core (signal 16)
21:36:06.986 
*** NEW CONNECTION ATTEMPT STARTING AT 2011/09/26 21:36:06 SID 2586 21:36:06.986 message from core: MFI 31 SID 2586 Trans No 747470
21:36:06.986 creating new child process to handle this message
21:36:06.986 table entry created for child process 20979
21:36:06.986 1 child process currently registered
21:36:06.986 pid 20979: process started
21:36:06.986 pid 20979: child process signal handlers installed


The alert needs to be sent when "Child process terminated gracefully" is encountered. How can we scan the newly appended lines in the log file for the error message, instead of doing a full scan, so that past errors can be ignored?


Last edited by pludi; 10-13-2011 at 10:29 AM..
# 4  
Old 10-13-2011
Is it a log file manipulated with a tool like logrotate?
If not, when is it initialized again (set - 0...)?
What are the errors? Can you give sample extract of your log file with the error part highlighted?
# 5  
Old 10-13-2011
See if this works for you:
Code:
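#!/usr/bin/ksh
# File_Err_Nbr holds the line count of File_Log as of the previous run.
typeset -i mPrevLast=$(cat File_Err_Nbr 2>/dev/null)
typeset -i mCurrLast=$(wc -l < File_Log)
# If the log shrank (rotated or truncated), start again from the first line.
(( mCurrLast < mPrevLast )) && mPrevLast=0
mPrevLast=${mPrevLast}+1
# Scan only the lines appended since the previous run.
sed -n "${mPrevLast},${mCurrLast}p" File_Log | egrep 'Child process.*terminated gracefully' |
while read -r mLine; do
  echo "mLine <$mLine>"
  # < manipulate error lines here >
done
# Remember how far this run got.
echo ${mCurrLast} > File_Err_Nbr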
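
A byte-offset variant of the line-counting approach in the script above, added here as an example and not part of the original post. The function name `scan_new`, the state-file format and the paths in the usage comment are assumptions; it also rescans after rotation or truncation and leaves a half-written last line for the next run.

```shell
#!/bin/sh
# scan_new LOG STATE PATTERN
# Prints the lines matching PATTERN (an ERE) that were appended to LOG since
# the previous call, then records "<inode> <byte offset>" in STATE.
scan_new() {
    log=$1 state=$2 pattern=$3
    [ -r "$log" ] || return 2
    inode=$(ls -i "$log" | awk '{print $1}')
    size=$(wc -c < "$log" | tr -d ' ')
    old_inode='' off=0
    if [ -r "$state" ]; then
        read -r old_inode off < "$state" || off=0
    fi
    # A different inode or a smaller file means rotation or truncation:
    # rescan from the start instead of silently skipping new entries.
    if [ "$inode" != "$old_inode" ] || [ "$size" -lt "${off:-0}" ]; then
        off=0
    fi
    n=$((size - off))          # bytes that are new since the last run
    # Pattern and state path travel via the environment so awk does not
    # interpret backslashes in them (as it would with -v).
    tail -c "+$((off + 1))" "$log" |
    LC_ALL=C PAT="$pattern" ST="$state" awk -v n="$n" -v off="$off" -v ino="$inode" '
        BEGIN { pat = ENVIRON["PAT"]; st = ENVIRON["ST"] }
        { used += length($0) + 1 }            # +1 for the newline
        # Only lines that were complete when the size was sampled count;
        # a partial last line is left for the next run.
        used <= n { whole = used; if ($0 ~ pat) print }
        END { print ino, off + whole > st }'
}

# Constructed usage from cron (paths and recipient are placeholders):
#   hits=$(scan_new /path/to/File_Log /var/tmp/File_Log.state \
#          'Child process.*terminated gracefully')
#   [ -n "$hits" ] && printf '%s\n' "$hits" | mailx -s 'log alert' ops@example.com
```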

# 6  
Old 10-13-2011
Very new to unix. So please correct me if I am wrong.

Use tail -f to get the tail lines of the log file. Grep the error string from those lines. If there is an error, send an email.
# 7  
Old 10-13-2011
I kind of agree; running tail -f once, instead of running tail every 5 minutes, means you don't miss things between cron calls.
 