whats is the best way to monitor file if it has not updated in last 24 hours.
example /var/logmessages in linux , /var/adm/messaged in solaris and alert to email .
find with mtime , perl file stat, anyone have any script examples of something better ?
Hi,
find could certainly be used in this scenario, yes. Here's a quick example based on a timescale of one minute, rather than one day, just to demonstrate the principal in action:
$ touch /tmp/testfile
$ find /tmp/testfile -mmin +1
$ sleep 60
$ find /tmp/testfile -mmin +1
/tmp/testfile
$
So the idea is to run your find command pointing directly at the file you're interested in, and specify your interval. So our example here is based on finding the file if it's been modified more than one minute ago via -mmin +1 , but you could just as easily check for over one day with -mtime +1 .
Hope this helps.
-mmin is not available for all versions of find. Also -mtime +1 means that the file is last modified more than 86400 seconds ago. Not how us humans think of yesterday.
Consider:
#!/bin/sh
# ago.shl
# usage: ago.shl [number]
# for date [number] days ago, at midnight, last second of that day.
# ./ago.shl 3 /path/to/myfile
# parms $1 days in past
# $2 name of file to change mtime on
ago()
{
perl -e ' my $delta = $ARGV[0];
$delta*=86400;
$delta=time - $delta; # subtract delta from "now"
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
localtime($delta);
printf("%04d%02d%02d%02d%02d.%02d\n",
$year+1900, $mon+1, $mday, 23, 59, 59);
' $1
}
# ago 1 last second of yesterday i.e., 2017062359.59 in touch format
when=$(ago $1)
# echo "$when"
touch -t "$when" $2
exit 0
Last 24 hours(=1 day) is possible with the classic find options
if [ "`find /var/adm/messages -mtime +0`" ]
then
echo "older than 1 day"
fi