Hi All,
Please help to write the script that should raise an alarm if the new logs will not come in the log file.
In other words i want to write a script which will monitor the log file continuously and will raise an alarm if the logs will not come after some time suppose 5 minutes.My boss asked me to do this so please help me, it is Urgent.
Advance Thanks,
Akhtar Bhat (9718200827)
Are there timestamps in there so you know what is 5 minutes old? Do you see an entry in the log or can you use it in the script when the action is taken, that should cause such a log entry?
You can also try to copy (if you have enough free space) the actual log away, wait 5 mins, then diff it to the actual log and check the diff if there is the entry in it and if not, launch your alarm.
Hi Zaxxon,
No there are no time stamps in the log file.I think u donot understand my question the problem is the script will monitor the live log file and if new logs are not coming/generating in the file within some time suppose 5 minutes then the alarm should be raised.Hope u got it this time.I was thinking that script should contain a counter which will be incremented evry time some thing like that.
here r some logs
16732823 [AGIML SERVER REQUEST WORKER [86_2]] DEBUG message - DBG [] STACKMGR........................freeProcessor - freeProcessor start mgrId=6377
16732823 [AGIML SERVER REQUEST WORKER [86_2]] DEBUG client - DBG AGIML SERVER[86] RESPONSE Q .................put() (trans id=[6377])
16732824 [AGIML SERVER RESPONSE WORKER [86_1]] DEBUG client - DBG AGIML SERVER[86].............................write() (<agiml><header><responsetype>TOPUP</
responsetype></header><response><resultcode>29</resultcode><value>30.0</value><timestamp>2008-11-04 17:20:54</timestamp><account>9810815334</account><transno
>6377</transno><agenttransno>123</agenttransno><resultdescription>Topup value not defined or allowed</resultdescription></response></agiml>)
16732825 [SERVER CXN READER [86 [/127.0.0.1:35900]]] INFO client - INF SERVER CXN READER [86 [/127.0.0.1:35900]]....run() (Received NULL input from client!!
)
16732825 [SERVER CXN READER [86 [/127.0.0.1:35900]]] INFO client - INF SERVER CXN READER [86 [/127.0.0.1:35900]]....run() (Connection Reader Thread terminat
ed... )
16732827 [AGIML SERVER REQUEST WORKER [86_2]] DEBUG client - DBG AGIML SERVER[86] REQUEST Q ..................get() ()
16732831 [AGIML SERVER RESPONSE WORKER [86_1]] DEBUG client - DBG AGIML SERVER[86] RESPONSE Q .................get() ()
16733555 [SERVER CXN READER [83 [/127.0.0.1:35897]]] INFO client - INF CLIENT CONNECTION MGR........................removeClient() (Removing agiml client 83
)
16733561 [SERVER CXN READER [84 [/127.0.0.1:35898]]] INFO client - INF CLIENT CONNECTION MGR........................removeClient() (Removing agiml client 84
)
16733808 [SERVER CXN READER [85 [/127.0.0.1:35899]]] INFO client - INF CLIENT CONNECTION MGR........................removeClient() (Removing agiml client 85
)
16733828 [SERVER CXN READER [86 [/127.0.0.1:35900]]] INFO client - INF CLIENT CONNECTION MGR........................removeClient() (Removing agiml client 86
Ah ok, now I got it, I think 
Just use cksum or get the size with "ls -l" or number of lines/characters with wc on the log file, write the result of one of those commands to a file in /tmp for example. Start the script every 5 mins and compare the actual result with the one taken 5 minutes before in the file in /tmp. If nothing changed just launch the alarm.
Hi Sir,
This is what I was looking for. Thanks for this, now the problem is that it is so hectic to start the script after every five minutes, Do you have any idea to start the script automatically without using the crontab command
Hi Zaxxon,
Thanks for the help, I did it
bye