HPE Community
Operating System - HP-UX
1833178 Members
2654 Online
110051 Solutions
New Discussion

Re: Script Help - Looping and Reading syslog for certain data

 
SOLVED
Go to solution
Laurie A. Krumrey
Regular Advisor

‎01-12-2002 04:37 AM

‎01-12-2002 04:37 AM

Script Help - Looping and Reading syslog for certain data

Hi All,

I am trying to pull only certain data out of
syslog.

Grep only today's date (I know how to do that)
syslog.

Then look for a certain string "BEG INFO"
read each line
until you find the string "END INFO" and
mail email (I know how to do that) with
output:

Syslog:
Jan 10 Junk Junk
Jan 11 Junk
Jan 11 info BEG INFO
Jan 11 Lots of lines of output (over 100)
Jan 11 info END INFO
Jan 11 More Junk

Now I only want the data between BEG INFO
and END INFO. Reading one line at a time
in sequential order.

thanks,
Laurie
Happiness is a choice
0 Kudos
Reply
7 REPLIES 7
James R. Ferguson
Acclaimed Contributor

‎01-12-2002 08:08 AM

‎01-12-2002 08:08 AM

Re: Script Help - Looping and Reading syslog for certain data

Hi Laurie:

'awk' is quite useful here:

# awk '/BEG/,/END/ {if ($1~/Jan/ && $2~/11/) {print $0}}' syslog.log > /tmp/output

This would output all the lines beginning with "BEG" through "END" for "Jan 11" and redirect them into /tmp/output.

Regards!

...JRF...
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎01-12-2002 09:44 AM

‎01-12-2002 09:44 AM

Re: Script Help - Looping and Reading syslog for certain data

Hi (again) Laurie:

Most likely you will want make your selection variable based. That's easily done by amending to this:

# X=Jan
# Y=11
# awk '/BEG/,/END/ {if ($1~X && $2~Y) {print $0}}' X=$X Y=$Y syslog.log

...or...

A=BEG;B=END
# X=Jan;Y=11
# awk '$4~A,$4~B {if ($1~X && $2~Y) {print $0}}' A=$A B=$B X=$X Y=$Y syslog.log

Regards!

...JRF...
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎01-12-2002 05:34 PM

‎01-12-2002 05:34 PM

Solution

Re: Script Help - Looping and Reading syslog for certain data

Hi Laurie,

You can also use sed to do your job.

grep "Jan 11" syslog.log |sed -n '/BEG INFO/,/END INFO/p'

This will print all the lines between and with the strings BEG INFO and END INFO

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
Steven Sim Kok Leong
Honored Contributor

‎01-14-2002 07:16 AM

‎01-14-2002 07:16 AM

Re: Script Help - Looping and Reading syslog for certain data

Hi,

Perl script solution:

=====================================
#!/usr/bin/perl

$activate=0;
open (LOG, "/var/adm/syslog/syslog.log");
while ()
{
if (/BEG INFO/)
{
$activate=1;
}
elsif (/END INFO/)
{
exit 0;
}
elsif ($activate = 1)
{
print $_;
}
}
=====================================

Hope this helps. Regards.

Steven Sim Kok Leong
0 Kudos
Reply
Laurie A. Krumrey
Regular Advisor

‎01-14-2002 07:22 AM

‎01-14-2002 07:22 AM

Re: Script Help - Looping and Reading syslog for certain data

Hi All,

I need more help here. The story is the
date changes and I cannot hardcode it.
I have the script working right for each
of my 10 servers and it sents it to my
one separate syslog server. I want to
get one email from my syslog sever and not
10 separate emails.

Here my script on each of my 10 servers:
====================================
#!/usr/bin/ksh
INFO=/tmp/info$$
LOGFILE=/var/adm/admin/check.log
DATE=`date "+%b %d"`
ADMIN_EMAIL=Laurie
#
echo "=BEG OF COW's DAILY NEWS =" >> $INFO
last |grep "$DATE" >>${INFO}
echo "= END OF COW's DAILY NEWS =" >> $INFO

cat "$INFO" | mailx -s "COW's INFO" $ADMIN_EMAIL
cat "$INFO" >> $LOGFILE

# This will put the file INFO in syslog
logger -f "$INFO"
===============================
I run this daily on each of my ten servers
(ie. COW) with cron and spread them apart
by a few minutes.

I want only one email from my syslog
server. What should my script look like?
I tried the scripts listed and they don't
work.

Laurie
Happiness is a choice
0 Kudos
Reply
Laurie A. Krumrey
Regular Advisor

‎01-14-2002 07:39 AM

‎01-14-2002 07:39 AM

Re: Script Help - Looping and Reading syslog for certain data

OK I spoke to soon. It's working now.

Thank you for all your help.

Laurie
Happiness is a choice
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

‎01-14-2002 07:43 AM

‎01-14-2002 07:43 AM

Re: Script Help - Looping and Reading syslog for certain data

Hi Laurie,

For minimal modifications, stop the emailing from each of the 10 servers by plucking that mailx line out from the script.

Script on each of the 10 servers:
====================================
#!/usr/bin/ksh
INFO=/tmp/info$$
LOGFILE=/var/adm/admin/check.log
DATE=`date "+%b %d"`
#
echo "=BEG OF COW's DAILY NEWS =" >> $INFO
last |grep "$DATE" >>${INFO}
echo "= END OF COW's DAILY NEWS =" >> $INFO

cat "$INFO" >> $LOGFILE

# This will put the file INFO in syslog
logger -f "$INFO"
===============================

On the central syslog server:
====================================
#!/usr/bin/ksh

ADMIN_EMAIL=Laurie

# You may wish to use above perl script.
/scripts/extract.pl | mailx -s "COW's INFO" $ADMIN_EMAIL

cat "$INFO" >> $LOGFILE

# If you are only concerned with COW's INFO from the central syslog server, restarting syslogd moves syslog.log to OLDsyslog.log and start a new syslog.log. If you run this script in a cron, it will always extract fresh COW's INFO to email you.

/sbin/init.d/syslogd stop
/sbin/init.d/syslogd start
===============================

Hope this helps. Regards.

Steven Sim Kok Leong
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.