#!/bin/sh
# vi:tabstop=4
#
# chk_syslog_msgs Look for errors in the system log file from today and mail them to $NOTIFY
#
#
# This should be run from crontab with:
#
# 59 23 * * * /usr/local/etc/syswatch/bin/chk_syslog_msgs
#
#
# Config file: <config>/notify.chk_syslog_msgs
# contains: email addrs
#
# Filter file: <config>/syslog_msgs.ignore
# contains: lines to ignore
# example:
#
# PAM_pwdb.*: (rsh) session opened for user syswatch
# PAM_pwdb.*: (rsh) session closed for user syswatch
# sendmail.*:
# allowed to syswatch@dunsany.metawire.com as syswatch
# rcp.*: IMPORT file from host angstrom cmd is rcp -f /etc/raddb/users, local user radadmin
#
getopts "d" dbg
. /usr/local/etc/syswatch/bin/sw_common.sh
#
# Default place where syslog puts msgs and their date fmt:
#
LOG_FILE=/var/log/messages
SEARCH_DAY=`$GET_DATE -month -space -spacePaddedDay`
#
# But of course Solaris has to be different:
#
if [ $OS_TYPE = "Solaris" ] ;
then
LOG_FILE=/usr/adm/messages
fi
#
# And why does SGI/Irix also have to be different?
#
if [ $OS_TYPE = "Irix" ] ;
then
LOG_FILE=/usr/adm/SYSLOG
fi
#
# Set basic vars: who to tell, mail msg, what to
# ignore, etc.
#
NOTIFY="`cat $SW_CONFIG/notify.chk_syslog_msgs`"
SUBJ="** $SW_HOST SYSLOG for `$GET_DATE -month -space -spacePaddedDay`"
FILTER_FILE=$SW_CONFIG/syslog_msgs.ignore
TMP=$SW_TMP/cksyslog.$$
TMP2=$SW_TMP/cksyslog2.$$
#
# Get all msgs for (to)day:
#
$GREP "^$SEARCH_DAY" $LOG_FILE > $TMP
#
# Filter out msgs we don't want to see
#
if test -f $FILTER_FILE
then
COUNTER=`$READ_LINE -start $FILTER_FILE`
while ln=`$READ_LINE -line $COUNTER $FILTER_FILE`
do
$GREP -v "$ln" $TMP > $TMP2
$MV $TMP2 $TMP
done
$READ_LINE -finish $COUNTER
fi
#
# Debugging? Then just print results, don't
# email them anywhere
#
if [ "$dbg" = "d" ] ;
then
echo "Debug:"
if test -s $TMP
then
$CAT $TMP
$RM $TMP
else
echo "Nothing found."
fi
exit
fi
#
# Got some msgs, so send them out
#
if test -s $TMP
then
/usr/lib/sendmail $NOTIFY <<EOF
To: $NOTIFY
Subject: $SUBJ
`$CAT $TMP`
EOF
fi
$RM $TMP
|
home
