HPE Community
Operating System - Linux
1820270 Members
3381 Online
109622 Solutions
New Discussion юеВ

script to grep specifics out of sulog

 
SOLVED
Go to solution
KPS
Super Advisor

тАО08-04-2005 09:11 AM

тАО08-04-2005 09:11 AM

script to grep specifics out of sulog

Hi,

Looking to make a very simple script that simply will be called by cron to cat the sulog to grep for a certain user. Could someone help as I'm quite "green" to scripting?


Thanks,

KPS
0 Kudos
Reply
4 REPLIES 4
Rick Garland
Honored Contributor

тАО08-04-2005 09:15 AM

тАО08-04-2005 09:15 AM

Solution

Re: script to grep specifics out of sulog

cat /var/adm/sulog | grep

Can use 'grep -i' to be case insensitive

This can be a 1-liner from command line or you can out into a script
Reply
Patrick Wallek
Honored Contributor

тАО08-04-2005 09:16 AM

тАО08-04-2005 09:16 AM

Re: script to grep specifics out of sulog

grep user /var/adm/sulog

That's really it. Nothing facy needed. That will return the entire line with "user" on it. Just put the appropriate user name in place of "user".

If you want this in a script:

# cat grep_su

#!/usr/bin/sh
grep user /var/adm/sulog

Reply
Tom Schroll
Frequent Advisor

тАО08-04-2005 09:22 AM

тАО08-04-2005 09:22 AM

Re: script to grep specifics out of sulog


If you want it to be called from cron, you probably want to email the results to yourself. Here is a one line command that you can place in cron. Or if you want a script, you can place this in a script file as per the examples above.

grep user /var/adm/sulog | mailx -s "sulog user report" _admin_

Otherwise, cron will email an "error" that the job produced output.

NOTE: substitute _admin_ with whatever email address you need.

-- Tom
If it ain't broke, it needs optimized.
Reply
Alan Meyer_4
Respected Contributor

тАО08-04-2005 09:46 AM

тАО08-04-2005 09:46 AM

Re: script to grep specifics out of sulog

here's a script to monitor it simply.

Be sure to create a file called lastline with 0 in the first line to start. This way you'll only be given new lines each time it is run. Also to be sure to modify the grep part to contain the strings that you want to see.

#!/bin/ksh

# Get the last line read to only print out new lines
LASTLINE=`cat lastline`

CURLINE=0

# Read in all the syslog and only grep for desired strings past last line
cat /var/adm/syslog/syslog.log |while read LINE ;do
((CURLINE=CURLINE+1))
[[ $CURLINE -gt $LASTLINE ]] && echo "$LINE" |grep -E 'ftp|syslogd|inetd'
done

# Save out the last line read
echo $CURLINE > lastline
" I may not be certified, but I am certifiable... "
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.