Hi Rudy,
Below are some of the responses to your queries:
Is
ctftestdump
your (company's) own command or script, i.e. are you responsible and in a position to analyse / modify it? How is it to be terminated under normal circumstances? Does it deliver a (meaningful?) exit status? Is that reliable and could be exploited for your purpose?
I think its a binary file which accepts arguments and we cannot modify it. We cant exploit it.
what is
querytas.txt
for?
It holds the queries/requests which need to be sent.
[sasahu@cts-pro-mgmt-srv1 idc_test_tool]$ cat querytas.txt
5022=LoginUser|5028=red3|5029=red3|5026=1
5022=QueryTas|4=564|5=EA|5045=1|5026=1003
5022=QueryTas|4=193|5=E:CUSAN.E|5045=1|5026=1004
5022=QueryTas|4=558|5=E|5045=1|5026=1005
5022=QueryTas|4=627|5=E:VOD|5045=1|5026=1006
5022=QueryTas|4=824|5=E:AASB-ME|5045=1|5026=1007
5022=QueryTas|4=205|5=E:SHFIN|5045=1|5026=1008
5022=QueryTas|4=216|5=E:2INVE|5045=1|5026=1009
5022=QueryTas|4=257|5=E:AT00000FACC2-EUR|5045=1|5026=1010
5022=QueryTas|4=873|5=E:AHAN|5045=1|5026=1011
After how many
5001=-46<ETX>
occurrences should the new script terminate / send the e-mails? How long should it wait for that string? Is 46 the only error number?
When we run the
testit_tas.sh
, it gives the output instantly. There is nothing like we need to wait for some number of occurences of -46. It gives the output instantly and we can terminate it instantly. Below is some information about the output:
So there are three possibilities for the output (remember the response will have the 5026=xxxxx which matches the request)
- Data is returned
3=564|4=564|5=AAL|269=15|55=40002379|5061=2989|5055=2045|479=t|10=55.28|11=3|1206=0|16=1519894802.4412|12=52.62|13=10|2001=0|2003=0|478=t|5026=117032<ETX>
5001=0|5026=117032<ETX>
the first line is the data itself, with the 5026=117032
the second line is the response terminator 5001=0
- Error -46 is returned
5022=QueryTas|4=824|5=E:AASB-ME|5045=1|5026=27023|5001=-46<ETX>
This is what we want to capture and send an alert over email.
- A different error is returned.
5001=-203|5026=87029<ETX>
In this case the error is -203. There could be other errors. This is not urgent issue and we don't need to capture it for now.
cron sends e-mails with a job's output when it finishes - would that be sufficient to accomplish the task?
It would be better if we can just report the lines(represents which markets) contains
5001=-46
(Error) so that further investigation can be done.
So, in short we need to run the
testit_tas.sh
3 times a day to check the server and if there are error (-46) in the output, we will report specific user over email. I hope, I was able to define the requirement
Thanks,
Sam