Re: Monitoring any changes in /var/log/messages to file - Linux

This is a discussion on Re: Monitoring any changes in /var/log/messages to file - Linux ; On Fri, 11 Jul 2003 10:57:37 +0200, Sergiusz Michalski wrote: > Hi! > > Maybe you hav any good idea how to detect any new changes maked in > /var/log/messages and write it to new separate file. Any script??? > ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: Monitoring any changes in /var/log/messages to file

  1. Re: Monitoring any changes in /var/log/messages to file

    On Fri, 11 Jul 2003 10:57:37 +0200, Sergiusz Michalski wrote:
    > Hi!
    >
    > Maybe you hav any good idea how to detect any new changes maked in
    > /var/log/messages and write it to new separate file. Any script???
    >
    > I've tried to use diff program but I need to have 2 files to compare so I
    > don't think that this is an optional solution.


    Untested code follows:


    if [ ! -e /tmp/msg.old ] ; then # day1 create reference file
    sum /var/log/messages > /tmp/msg.old
    fi

    sum /var/log/messages > /tmp/msg.sum
    diff /tmp/msg.sum msg.old
    if [ ! $? ] ; then
    cp /var/log/messages /some/where/messages_$(date +%F_%H_%M)
    cp /tmp/msg.sum /tmp/msg.old
    mail -s "/var/log/messages changed" root < /dev/null
    fi

  2. Re: Monitoring any changes in /var/log/messages to file

    thats it, thx

    Użytkownik "Bit Twister" napisał w
    wiadomości news:slrnbgtiv2.1ui.BitTwister@wb.home...
    > On Fri, 11 Jul 2003 10:57:37 +0200, Sergiusz Michalski wrote:
    > > Hi!
    > >
    > > Maybe you hav any good idea how to detect any new changes maked in
    > > /var/log/messages and write it to new separate file. Any script???
    > >
    > > I've tried to use diff program but I need to have 2 files to compare so

    I
    > > don't think that this is an optional solution.

    >
    > Untested code follows:
    >
    >
    > if [ ! -e /tmp/msg.old ] ; then # day1 create reference file
    > sum /var/log/messages > /tmp/msg.old
    > fi
    >
    > sum /var/log/messages > /tmp/msg.sum
    > diff /tmp/msg.sum msg.old
    > if [ ! $? ] ; then
    > cp /var/log/messages /some/where/messages_$(date +%F_%H_%M)
    > cp /tmp/msg.sum /tmp/msg.old
    > mail -s "/var/log/messages changed" root < /dev/null
    > fi




+ Reply to Thread