Hi All,
Greetings!!
I am trying to write a script that will get me the syslog.log [/var/adm/syslog/syslog.log] file output of last week...
That is ...my cron will run on Monday and will get me the syslog output of previous week , last monday-last sunday.
I tried using date formatting and tail..but did not succeed.
Can you guys help me out in how to write the script.It is a bit urgent,,,:o
Thanks in advance.
What type of system are you using ??
Do you roll you syslog ??
On all the HP-UX systems I help manage, we roll the syslogs each morning ...
[/]# cat /usr/local/bin/movesyslogs.cron
#!/bin/ksh
#==========================================================================
# script: movesyslogs.cron
#
# Notations:
# dd/mm/yy Who Comment...................................................
#
# 04/10/05 JIM Initial script.
# Rotates and archives Syslog. mails syslog for checking.
#
#==========================================================================
. $HOME/.profile
SCRIPTUSER=`whoami`
#------------------------------------------------------------------------
# SYSLOG Email.
echo "-----------------------------------------------------"
echo "- MAIL SYSLOG TO OPS_REPORTS - ($OPS_REPORTS)"
echo "-----------------------------------------------------"
#mailx -s "`hostname` syslog report" hp@adomain.com < /var/adm/syslog/syslog.log
cat /var/adm/syslog/syslog.log | \
grep -v -e "not reverse" -e "Received disconnect" -e "Connection closed" \
-e "registrar/tcp: Connection from" | \
mailx -s "`hostname` syslog report" $OPS_REPORTS
$SCRIPTDIR/movelogs.sh /var/adm/syslog/\* $SYSLOGARCHIVE
You may have a similar $SYSLOGARCHIVE set up on your system.
Hope this helps some. 
Cheers,
Cam
Hi Cam,,
Thanks a ton...
I am using hp-ux 11.11.... [hp 9000 class servers]
Is the script that you have given something similar to the logrotate.conf script on linux?
What does this exactly do? will i get a week's log file from this?
kindly explain this script please.
thanks.
regards..
cat /var/adm/syslog/syslog.log | \
grep -v -e "not reverse" -e "Received disconnect" -e "Connection closed" \
-e "registrar/tcp: Connection from" | \
mailx -s "`hostname` syslog report" $OPS_REPORTS
I'll let you work this out for your own benefit.
The code for $SCRIPTDIR/movelogs.sh ...
/#!/bin/ksh
InTempl=$1
OutTempl=$2
mmmyy=`date +"%b%y"`
find $OutTempl/$mmmyy -type d >> /dev/null 2>&1
if [ $? -ne 0 ]
then
mkdir $OutTempl/$mmmyy
chmod 755 $OutTempl/$mmmyy
fi
for File in $(find $InTempl -xdev -prune -depth -type f )
do
nn=`echo $File | sed "s/\// /g" | wc -w `
let nn=nn+1
OutFile=`echo $File | cut -f $nn -d \/`
echo From $File to $OutTempl/$mmmyy/$OutFile
echo ======================================================================\
>> $OutTempl/$mmmyy/$OutFile
echo $File `ls -l $File | cut -c 46-57` >> $OutTempl/$mmmyy/$OutFile
echo ======================================================================\
>> $OutTempl/$mmmyy/$OutFile
cat $File >> $OutTempl/$mmmyy/$OutFile
cat > $File < /dev/null
done
Try to understand what it's doing yourself first, much more fun and you happen to retain what you learn in the process far more easily. If you still have trouble let the forum know.
As for getting a weeks worth, well we keep 13 months worth on disk. It doesn't take that much space.
Hope this is all helpful to you.
Cheers,
Cam
Hi Cam,
Thanks for the support.
I worked out the first code and i got the entire syslog output emailed to the mail id that i provided..but it proved too costly as the file size is >100Gb,,
Second code gives me errors..with find command in line 13..
Usage: find path-list [predicate-list]
Would be grateful if u'll help me sort this.
thanks..
regards