Languages and Scripting
cancel
Showing results for 
Search instead for 
Did you mean: 

shell script for checking if the system logs are updating

SOLVED
Go to solution
coollllllllllll
Regular Advisor

shell script for checking if the system logs are updating

Hi ,

 

Need a script to check whether  system logs are updating .

I have a perl one liner here , from this forum only to check in last 1 hour ;

 

perl -le 'exit 1 if -M "/var/opt/resmon/log/event.log" > 3600/86400'

 

But its not working ; my event.log file is not updated for last 3 months , still it doent throw any error.

Any reason why is it so ?

3 REPLIES
Patrick Wallek
Honored Contributor

Re: shell script for checking if the system logs are updating

The fact that your event log is not changing is not necessarily a bad thing.  It means that EMS is not detecting any events that it needs to notify you about. 

 

If you want to send a test event to EMS to verify that an event will get logged in that file you can do:

 

# /etc/opt/resmon/lbin/send_test_event -v disk_em

 

Then check the /var/opt/resmon/log/event.log file to see if it has the test event.  You can also just view this file via 'vi' or 'more' as it is a plain ASCII text file.

coollllllllllll
Regular Advisor

Re: shell script for checking if the system logs are updating

Hi Patrick ,

 

Its not about event log not getting updated.

What am saying is the perl liner given above should exit with value 1right , if the event.log is not updated in last 1 hr ?

 

Its not throwing me value of 1.

Kindly sugeest.

Highlighted
Matti_Kurkela
Honored Contributor
Solution

Re: shell script for checking if the system logs are updating

Your one-liner will never produce any output. Instead, it will set its return value to 1 if the condition is true.

In other words, it should work like this:

 

# perl -le 'exit 1 if -M "/var/opt/resmon/log/event.log" > 3600/86400'

# echo $?
1

 

The return value is often easier to handle in scripts than explicitly catching and interpreting the output. For example, you might do something like this:

 

#!/bin/sh

if perl -le 'exit 1 if -M "/var/opt/resmon/log/event.log" > 3600/86400'
then
    echo "No new events within the last hour"
else
    echo "A new event has been received within the last hour"
fi

 

MK