Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Parse a file for certain new entries 1

Status
Not open for further replies.
TSch

TSch

Technical User
Jul 12, 2001
557
DE
Hi folks,

another task ahead of me:

I'd like to constantly monitor the /var/log/messages file for new (!) and only for new entries containing the word "ERROR".

One idea was starting with "tail".

e.g.

Code: 
tail -f | grep ERROR

However the problem starts, when I'm trying to find a way to send an email containing the whole ERROR line as soon as an error occurs ...

Could you give me some brainstorming on how to proceed ?

Regards,
Thomas
 
Sort by date Sort by votes
Bit of a coincidence, I'm writing a tool to do something very similar at the moment! In my case it's to filter out meaningless junk that we can't otherwise disable.

Here is the skeleton I'm using:

Code: 
[COLOR=#006600]#!/usr/bin/perl -w[/color]

[COLOR=#0000FF]use[/color] strict;

[COLOR=#FF0000]open[/color] MESSAGES, [COLOR=#808080]"< /var/log/messages"[/color] [COLOR=#FF8000]or[/color] [COLOR=#FF0000]die[/color];
[COLOR=#006600]# seek to end of file[/color]
[COLOR=#FF0000]seek[/color] MESSAGES,[COLOR=#FF0000]0[/color],[COLOR=#FF0000]2[/color];

[COLOR=#0000FF]my[/color] $prevsize=[COLOR=#FF0000]0[/color];

[COLOR=#0000FF]while[/color]([COLOR=#FF0000]1[/color]) {

    LINE: [COLOR=#0000FF]while[/color] (<MESSAGES>) {

        [COLOR=#0000FF]if[/color] (/ERROR/) {
            [COLOR=#FF0000]print[/color] [COLOR=#808080]"ERROR message encountered: $_"[/color];

            [COLOR=#006600]# insert code to send email here[/color]
        }

    }
    [COLOR=#FF0000]sleep[/color] [COLOR=#FF0000]1[/color];

    [COLOR=#006600]# Clear EOF flag, rewind to beginning if file has been truncated[/color]
    [COLOR=#0000FF]my[/color] ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = [COLOR=#FF0000]stat[/color](MESSAGES);
    [COLOR=#FF0000]seek[/color](MESSAGES,[COLOR=#FF0000]0[/color],$size < $prevsize ? [COLOR=#FF0000]0[/color] : [COLOR=#FF0000]1[/color]);
    $prevsize=$size;

}

[COLOR=#FF0000]close[/color] MESSAGES;


Annihilannic.
 
Upvote 0 Downvote
Perfect !!!
That's exactly what I was looking for :)

Thanks a lot !
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

EdLentz
  • Locked
  • Question
How can I escape $1 and &amp;&amp; in a SED command
Replies
1
Views
307
feherke
feherke
grazinggoat2
  • Locked
  • Question
ksh script to add multiple lines to csv cell formatting help
Replies
0
Views
208
grazinggoat2
grazinggoat2
pax94
  • Locked
  • Question
Script automating dynamic queries in a remote host
Replies
0
Views
176
pax94
pax94
boqsc
  • Locked
  • Question
Using IF statement's Regex comparison operator in a C Style For Loop 1
Replies
1
Views
134
feherke
feherke
rigstars2
  • Locked
  • Question
linux nested for loops HELP .. 1
Replies
7
Views
273
rigstars2
rigstars2

Part and Inventory Search

Sponsor

Back
Top