I would like to write a script to check the log , if any line in the log have the string in include_list.txt but do not have the string in exclude_list.txt , then send alert mail to administrator , as below example , the line 1 have the string "string 4" ( which is in include_list.txt ) but do not have anything in exclude_list.txt , then display line 1 only in alert mail .
Would advise how to write this script ? very thanks .
Please post such examples with in CODE tags, as demanded by the forum rules, and it is easier to differ between space, tabs, or even reckognize their existence.
What have you tried to parse the entries of either one of the *clude-lists?
What have you tried to send a mail to the admin?
Have you searched the forum for at least one of the two questions?
Thank you.
---------- Post updated at 16:22 ---------- Previous update was at 03:32 ----------
Well, thanks for applying the code tags.
Any attemps you made so far on your own?
it helps , I will finish the script myself , but if I have 10 servers , rather receive 10 alert mails , how to make 10 mails becomes one single mail , all servers can be connected in any method , ssh , telnet , ftp ... etc.
You could have a file with the server names and try something like this (not tested):
while read server
do
ssh "$server" cat logfile
done < file_with_servernames | grep -vFf exclude_list.txt > /tmp/filtered_log
if messages=$(grep -Ff include_list /tmp/filtered_log); then
echo "$messages" | mailx ....
fi
thanks reply ,
the above script is check remote server log , it seem check 1 server only , right ?
if I want to access 10 servers to check its log , would advise how to do it ? thanks