Languages and Scripting
Showing results for 
Search instead for 
Do you mean 

shell script for checking if the system logs are updating

SOLVED
Go to Solution
Regular Advisor

shell script for checking if the system logs are updating

Hi ,

 

Need a script to check whether  system logs are updating .

I have a perl one liner here , from this forum only to check in last 1 hour ;

 

perl -le 'exit 1 if -M "/var/opt/resmon/log/event.log" > 3600/86400'

 

But its not working ; my event.log file is not updated for last 3 months , still it doent throw any error.

Any reason why is it so ?

3 REPLIES
Honored Contributor [Founder]

Re: shell script for checking if the system logs are updating

The fact that your event log is not changing is not necessarily a bad thing.  It means that EMS is not detecting any events that it needs to notify you about. 

 

If you want to send a test event to EMS to verify that an event will get logged in that file you can do:

 

# /etc/opt/resmon/lbin/send_test_event -v disk_em

 

Then check the /var/opt/resmon/log/event.log file to see if it has the test event.  You can also just view this file via 'vi' or 'more' as it is a plain ASCII text file.

Regular Advisor

Re: shell script for checking if the system logs are updating

Hi Patrick ,

 

Its not about event log not getting updated.

What am saying is the perl liner given above should exit with value 1right , if the event.log is not updated in last 1 hr ?

 

Its not throwing me value of 1.

Kindly sugeest.

Highlighted
Honored Contributor [Founder]

Re: shell script for checking if the system logs are updating

Your one-liner will never produce any output. Instead, it will set its return value to 1 if the condition is true.

In other words, it should work like this:

 

# perl -le 'exit 1 if -M "/var/opt/resmon/log/event.log" > 3600/86400'

# echo $?
1

 

The return value is often easier to handle in scripts than explicitly catching and interpreting the output. For example, you might do something like this:

 

#!/bin/sh

if perl -le 'exit 1 if -M "/var/opt/resmon/log/event.log" > 3600/86400'
then
    echo "No new events within the last hour"
else
    echo "A new event has been received within the last hour"
fi

 

MK