I have nearly 25+ tail commands which we need to verify the logs if there is any errors on current or previous date with time. I need this to be automate and send email to me with details. Please help me on this.
Please post example input data, and expected output.
Please post an example of the code you have so far.
I need exact output in emails, like i am checking logs via tail command with current dates or previous if there is any error we need to report.
#!/bin/sh
mailcontents=mailbody
while read line
do
if [ ! -f $line ]; then
echo "The file $line doesn't exist. Continuing with the next file..." >> $mailcontents
echo "============" >> $mailcontents
continue
else
last_mod_time=$(perl -MFile::stat -e "print stat('$line')->mtime") # this line checks the log's last modification time and converts it to Unix's epoch
last_24_hours=$(perl -e 'print time-86400') # this line returns the epoch for the current timestamp minus 24 hours
if [ $last_mod_time -lt $last_24_hours ]; then
echo "Log $line has NOT been updated in the last 24 hours" >> $mailcontents
else
echo "Log $line was updated during the last 24 hours" >> $mailcontents
fi
tail -100 $line > filename.txt
error=$(grep ERROR filename.txt | wc -l) # We look for the lines containing the word "ERROR" in the filename.txt file.
# Then we redirect the output to the wc -l command that will count the number
# of lines where the word ERROR appears.
if [ $error -gt 0 ]; then # If this condition is satisfied, that means the word ERROR appeared at least once in
# the log that's being examined in the current loop.
echo "ERROR found in log $line" >> $mailcontents
else
echo "No errors found in $line" >> $mailcontents
fi
fi
echo "============" >> $mailcontents
done < filename.txt
if [ -s $mailcontents ]; then
mail -s "Batch Job check on the server `hostname` - $(date +'%A %B %d, %Y')" nasirhussain4u4@gmail.com < $mailcontents
fi
# rm $mailcontents filename.txt # Delete auxiliary files when we're done.
So - that's the script. What's the error or the unfulfilled requirement?
P.S.: One thing that jumps to my eyes is that you repeatedly overwrite filename.txt in the middle of reading from it.
Yes,
tail -100 $line > filename.txt
changes the file that the loop currently reads from:
done < filename.txt
Should certainly be different e.g.
tail -100 $line > tmp.txt
error=$(grep ERROR tmp.txt | wc -l)
Or, in one stroke without a tmp file
error=$(tail -100 "$line" | grep -c "ERROR")
You could replace this:
tail -100 $line > filename.txt
error=$(grep ERROR filename.txt | wc -l) # We look for the lines containing the word "ERROR" in the filename.txt file.
# Then we redirect the output to the wc -l command that will count the number
# of lines where the word ERROR appears.
if [ $error -gt 0 ]; then # If this condition is satisfied, that means the word ERROR appeared at least once in
# the log that's being examined in the current loop.
echo "ERROR found in log $line" >> $mailcontents
with
if tail -100 $line | grep -q ERROR
then
echo "ERROR found in log $line" >> $mailcontents