HPE Community
Operating System - HP-UX
1834022 Members
2330 Online
110063 Solutions
New Discussion

Syslog actions

 
SOLVED
Go to solution
Nial Gunn
Frequent Advisor

‎11-23-2001 07:51 AM

‎11-23-2001 07:51 AM

Syslog actions

Is it possible to cause actions to be executed upon the receipt of a given string of text in the body of a syslog message. (i.e., I have a device that sends a syslog message to my HP-UX box and if the words "config change" occur in the body of the message, then I want the HP-UX box to execute a pre-defined shell script.
0 Kudos
Reply
4 REPLIES 4
G. Vrijhoeven
Honored Contributor

‎11-23-2001 08:06 AM

‎11-23-2001 08:06 AM

Re: Syslog actions

Hi,

I do think it is easier to do a seach on config file and theire dates.

Start by creating a file that includes all the config files you like to monitor, use that file to compair the dates and if the are not simular, execute an script.

Gideon
0 Kudos
Reply
Nial Gunn
Frequent Advisor

‎11-23-2001 08:11 AM

‎11-23-2001 08:11 AM

Re: Syslog actions

I think I understand what you are saying but such a mecanism would mean doing some kind of regular polling of the files. I am looking for something that reacts upon the receipt of a syslog message from an external source. Some kind of interceptor utility that examines the text for a string as and when the messages are received as opposed to a periodic check, say for example,every 10 minutes.
0 Kudos
Reply
Robin Wakefield
Honored Contributor

‎11-23-2001 08:11 AM

‎11-23-2001 08:11 AM

Solution

Re: Syslog actions

Hi Rob,

This script may do what you want, albeit simplistically:

#!/bin/ksh

tail -1f /var/adm/syslog/syslog.log | while read line ; do
echo $line | grep -q "search string" && your_script
done

Rgds, Robin.
Reply
G. Vrijhoeven
Honored Contributor

‎11-23-2001 08:19 AM

‎11-23-2001 08:19 AM

Re: Syslog actions

Hi,

Robins script will work fine. I tried to create a simular script but forgot the -1 option (tail).:-(

Have a nice weekend.

Gideon
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.