Hi Guys,
I�ve a little question, perhaps somebody can help or have a hint for me ...
Here�s my problem:
We�ve a server which do at night an update of his virus-pattern, in /var/log/messages I can see if the update was successful or not, and mail the result to root
cutout of /var/log/messages:
...
May 12 06:01:27 hostname rtvscand: New virus definition file loaded. Version: 130511b.
May 12 06:01:27 hostname rtvscand: Download of virus definition file from LiveUpdate server succeeded.
...
...
Until now this was my procedure:
I�ve 2 scripts in my crontab
* 7 * * * root /root/sav-log.sh >> /var/log/sav-update.log
5 7 * * * root /root/sav-log2.sh
Here�s sav-log.sh:
/bin/echo "--------------------------------------------"
/bin/date
echo Script "SAV-LOG"
tail -8 /var/log/messages |grep rtvscand | awk '{ print $0 ;}'
and sav-log2.sh:
tail -4 /var/log/sav-update.log | mail -r root -s "SAV-Update" root
Until now this worked well, but now - because this server should become a Log-Server too, in /var/log/messages there were much entries from other servers also, so my script with "tail -8" don�t work, because "rtvscand" is now somewhere between other messages and not between the last 8.
Now I have to find out where is the last entry with "rtvscand"; it�s a little bit tricky because I can�t write for example tail -50 because it�s possible then that I get the result like this:
...
May 11 06:01:40 hostname rtvscand: New virus definition file loaded. Version: 130510c.
May 11 06:01:40 hostname rtvscand: Download of virus definition file from LiveUpdate server succeeded.
May 12 06:01:27 hostname rtvscand: New virus definition file loaded. Version: 130511b.
May 12 06:01:27 hostname rtvscand: Download of virus definition file from LiveUpdate server succeeded.
...
... but I want only the last day -> in this case May, 12
So I�ve to modify my script that only the entry with "rtvscand" with the
actual date will be found ....
perhaps something like this:
tail -50 /var/log/messages |grep "actual date" rtvscand | awk '{ print $0 ;}'
Perhaps somebody could help me?
Many thanks.
Regards