Monitoring Sript giving random end result

Shell Programming and Scripting
1

Hi Guys,

I am developing a script to monitor GUI based FileNet Component "Component Manager" which logs it's running status in a log file.

Log file is a huge file so in script I put last 300 lines of log file in seperate file and run script every 5 minutes.
I am searching the string "Component Manager stopped" in the below shown log file output.

My requirement is -
If string "Component Manager stopped" is found in log file, a simple file should generate which will be taken by the tivoli alert as tivoli alert input and alert will generate.

Problem faced by me -
I am finding it difficult to handle multiple entries of string "component manager stopped" also I just want the latest entry to be monitored and if once monitored the same alert should not be alerted again .

Log file shows following error message when the component manager stops .
-----------------------------------------------------------------

pe.txt.2012-03-28:2012/03/28 00:57:48 [RMI TCP Connection(536)-10.87.130.42] INFO  filenet.vw.ComponentIntegrator  Component Manager stopped.
pe.txt.2012-03-28:2012/03/28 00:57:48 [RMI TCP Connection(536)-10.87.130.42] INFO  filenet.vw.ComponentIntegrator  Component Manager stopped.

------------------------------------------------------------------

Script Description -
In my script , I am searching for string from bottom to top in log file to get latest alert only and if entry found take it's time stamp save it in text file , compare the time stamp with current time stamp ..if it matches then do not generate alert but if it does not match , generate alert ..

Script code -

#!/bin/ksh
tail -300 pe_1.txt > msgtime.txt
head -1 newfile.txt | sed 's/://g' | read temp
tac msgtime.txt | grep "Component Manager stopped" msgtime.txt | while read line
                                                  do
                                                  awk '{ print $2}' | sed 's/://g' | read msgtime
                                                  done
   
test $temp -eq $msgtime
if [ $? -eq 0 ]; then
   echo "tivoli already generated"
else
   echo "$msgtime" > newfile.txt
   touch $msgtime.txt ComponentManagerDown_on_`hostname`.txt
fi

kindly help for any modifications required as the script does not give the result intended .

2

Please post what Operating System and version you are running.

What size is a typical log file and how many records in a typical log file?

ls -lad pe_1.txt
wc -l pe_1.txt

And how many "Component Manager stopped" lines:

grep "Component Manager stopped" pe_1.txt | wc -l

Most versions of tail have a limited buffer. What do you get for:

tail -300 pe_1.txt | wc -l
3

Please note that my code is following and not the previously posted -

#!/bin/ksh
tail -300 pe_1.txt > msgtime_1.txt

tail -r msgtime_1.txt > msgtime.txt

head -1 newfile.txt | sed 's/://g' | read temp

grep "Component Manager stopped" msgtime.txt | while read line
                                                 do
                                                     awk '{ print $2}' | sed 's/://g' | read msgtime
                                                done

test $temp -eq $msgtime
if [ $? -eq 0 ]; then
   echo "tivoli already generated"
else
   echo "$msgtime" > newfile.txt
   touch $msgtime.txt ComponentManagerDown_on_`hostname`.txt
fi

Methyl,
answers to your queries -
# AIX OS -> 5.3.12.1 .
# Log file size varies from 30 KB to 0.13 GB daily.
# The number of times , we would try to start the component manager and stop it ,
we get the entry "component manager stopped" string in log file.

Please let me know any queries , looking fwd to your reply .