gsiva
September 7, 2009, 10:06am
1
Hi,
Here below the logs from the mail server:
less /var/log/messages:
Sep 6 04:03:31 server-59 out[30914]: 1252227811|webmaster@zilia.com|antonino.granata@gmail.com|2175|success|1
Where:
1252227827 -> this is one of the id generated for every second. Using this id we can find out how many email where send out with in a second.
less /var/log/messages/ | awk '{print $1,$2,$3, +$6}' | grep "Sep 6" | sort | uniq -c | sort -n
Here below the output of the above command:
Output:
Then,
less /var/log/messages | grep 1252236662
It will list the count of 40 mails send out from this id:
Sep 6 06:31:02 server-59 in[27341]: 1252236662|afnaz.bv@sysh.com.sa|achupnm@gmail.com|8035635|success|1
So, I need to automate the process of the above one. while running the command it should email me the email account . For eg: the account "afnaz.bv@sysh.com.sa" has used 40 in count. I need a script to email me the top 15 counts and the email account. Is this possible Via the shell script.
daPeach
September 7, 2009, 10:41am
2
sed -n '/^Sep 6/s/[^ ]* [^ ]* [^ ]* [^ ]* [^ ]* [^|]*|\([^|]*\)|.*/\1/p' yourLogFile |\
sort | uniq -c | sort -n | head -15 |\
mail -s 'mail count' yourID@your.dom
or shorter:
awk -F'|' '/Sep 6/ {print $2}' yourLogFile |sort |uniq -c |sort -n |tail -15 |mail -s 'mail count' youID@you.dom
The mail will look like this:
40 afnaz.bv@sysh.com.sa news@tarot.com
Hope some awker can do it straight.
Yes. It looks like you have most of the pieces in place already. (Though why do you use less instead of cat?)
You can use cron to run you script at intervals that you decide and the output stdout and stderr will be emailed to the address you provide.
I always keep a text file, ~/text/crontab.txt, to simplify updating cron. I edit it and then call this command to update what cron does.
crontab ~/text/crontab.txt
Here is a sample file. Be sure to specify the path, because cron executes with a very limited environment.
# crontab for Ken Jackson
# Time fields: minute, hour, day, month, day-of-week (0 or 7 is Sun)
MAILTO=ken
22 3 * * * $HOME/bin/cron_attempt_remote
4 4 * * * $HOME/bin/cron_uptime
58 6 * * * $HOME/bin/fixhtaccess -q
6 9 * * * $HOME/bin/fixhtaccess -q
gsiva
September 7, 2009, 11:08am
4
In the sed command, the path for the file is not mentioned, eg., /var/log/messages and also, this is an automated process, which should will be running in an hourly basis. So, that we can't specifically check with the date, like sep 6.
I hope it makes sense.
daPeach
September 7, 2009, 11:30am
5
Could this fit your needs:
theDate=$(LC_TIME=C date +'%b %d %H')
sed '/'$theDate'/s/[^ ]* [^ ]* [^ ]* [^ ]* [^ ]* [^|]*|\([^|]*\)|.*/\1/' /var/log/messages |\
...
gsiva
September 8, 2009, 4:58am
6
While running the scripts as a .sh, it gives the error message as
sed: -e expression #1 , char 4: unterminated address regex
gsiva
September 9, 2009, 7:26am
7
I tired with different options, but still getting with the same error.
panyam
September 9, 2009, 7:44am
8
Siva ..
try something like this :
theDate=$(LC_TIME=C date +'%b %d %H')
sed "/$theDate/ s/[^ ]* [^ ]* [^ ]* [^ ]* [^ ]* [^|]*|\([^|]*\)|.*/\1/" /var/log/messages |\
daPeach
September 9, 2009, 7:56am
9
exactly:
sed -n '/'"$(LC_TIME=C date +'%b %d %H')"'/ s/[^ ]* [^ ]* [^ ]* [^ ]* [^ ]* [^|]*|\([^|]*\)|.*/\1/p' /var/log/messages |\
...