功能是:
1.每天检查/var/log/message,secure,mail等log文件.
2.挑出前一天的记录中包括"abcdef..."或"cdefab..."或"....."字样的行.
3.将这些内容发送到我的邮箱中.
如何做,我刚接触shell,请大家帮忙.
1. 写好这个shell:
2. 配在cronttab 中
#!/bin/sh
$file="filename"
echo "" > $file
grep "abcdef..." /var/log/message >> $file
................
cat $file | mail name@domain -s"subject"
rm $file
对我来说,难点是既包括abcd又包括cdef的选择.
比如:在今天(日期也要通过程序自动获得)的记录行里,出现"unaviabale"或者"error"的行.
你的前一句是说和的关系,后面的例子是或者的关系,到底是哪一种啊
1. 写一个shell程序
#!/bin/sh
/usr/xpg4/bin/grep -E 'unaviabale|error' /var/adm/message > /tmp/file.$$
/usr/xpg4/bin/grep -E 'unaviabale|error' /var/adm/mail >> /tmp/file.$$
mailx -s "...." your-email-address@domain < /tmp/file.$$
rm /tmp/file.$$
2 将shell程序写入crontab
Jan 28 10:26:06 intranet sendmail[3359]: KAA03348: to=, delay=00:01:12, xdelay=00:00:00, mailer=local, stat=User unknown
Jan 28 10:26:06 intranet sendmail[3359]: KAA03348: KAA03359: DSN: User unknown
Jan 28 10:26:22 intranet sendmail[3364]: UAA20145: to=<5555555@goodforyou.com>, delay=3+13:37:35, xdelay=00:00:00, mailer=esmtp, relay=goodforyou.com. [212.100.230.160], stat=Deferred: Connection refused by goodforyou.com.
Jan 28 10:26:45 intranet sendmail[3359]: KAA03359: to=, delay=00:00:39, xdelay=00:00:39, mailer=esmtp, relay=public.ayptt.ha.cn. [202.102.230.147], stat=Sent (JAA27956 Message accepted for delivery)
Jan 28 10:26:57 intranet sendmail[3373]: KAA03373: from=, size=4795, class=0, pri=34795, nrcpts=1, msgid=<001001c1a79e$7cab5880$190aa8c0@linjing>, proto=ESMTP, relay=[192.168.10.25]
Jan 28 10:26:58 intranet sendmail[3375]: KAA03373: to=, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, relay=ca-css.com. [211.157.248.24], stat=Sent (2.6.0 <001001c1a79e$7cab5880$190aa8c0@linjing> Queued mail for delivery)
Jan 28 10:28:25 intranet sendmail[3384]: KAA03384: from=, size=29486, class=0, pri=59486, nrcpts=1, msgid=<200201280157.KAA09511@member.medikorea.net>, bodytype=8BITMIME, proto=ESMTP, relay=member.medidas.co.kr [203.239.120.13]
Jan 28 10:28:25 intranet sendmail[3388]: KAA03384: to=, delay=00:00:09, xdelay=00:00:00, mailer=local, stat=Sent
Jan 28 10:31:32 intranet sendmail[3399]: KAA03399: ruleset=check_mail, arg1=, relay=member.medidas.co.kr [203.239.120.13], reject=451 ... Sender domain must resolve
Jan 28 10:31:32 intranet sendmail[3399]: KAA03399: from=, size=0, class=0, pri=0, nrcpts=0, proto=ESMTP, relay=member.medidas.co.kr [203.239.120.13]
以上是我的log文件,我想写个shell,自动查找当天记录中含有"Sender domain must resolve"或"User unknown"的行,并发邮件给我.大家看这样对不对.
today="Jan 28"
/bin/grep $today & "Sender domain must resolve|User unknown" /var/log/messages | mail me@domain.com
这样应该可以吧,但是变量today如何自动获到今天的日期并转为以上格式呢?
不行呀,在命令行上运行
grep ""Sender domain must resolve|User unknown" /var/log/messages
就出不来什么东西.怎么回事呢?
要加上参数-e 或者-E
例如:
/usr/xpg4/bin/grep -E "Sender domain must resolve|User unknown" /var/log/messages
或者
/usr/xpg4/bin/grep -e "Sender domain must resove" -e "User unknown" /var/log/messages
注意:是/usr/xpg4/bin/grep
代码:
#!/bin/sh
DD=`date |cut -c 5-10`
#捕获当前日期,只包括月、日(根据实际情况来确定)
for FF in /var/log/message /var/log/secure /var/log/mail
do
cat $FF |grep $DD |grep abcdef >> /home/yourpath/logfile
done
# 分别cat几个日志文件,将里面含有特征字符的行重定向到/home/yourpath/logfile
mail yourmail /home/yourpath/logfile && rm /home/yourpath/logfile
# 向指定邮箱发送内容为/home/yourpath/logfile的邮件,成功后删除文件
# The End
# 未曾测试!
如果想既包括abcd又包括cdef,就把上面脚本里面的cat行改为:
cat $FF |grep $DD |grep abcd |grep cdef >> /home/yourpath/logfile
[这个贴子最后由梦叮咚在 2002/01/30 02:42pm 编辑]
谢谢feeling.
grep $DD /var/log/maillog时出现问题
$DD的值"Jan 30"之间的空格不能被grep认为一句,执行结果为:
grep: 30: No such file or directory
/var/log/maillog:Jan 7 16:16:33 test sendmail[519]: alias database /etc/aliases
rebuilt by root
/var/log/maillog:Jan 7 16:16:34 test sendmail[519]: /etc/aliases: 41 aliases, l
ongest 14 bytes, 413 bytes total
/var/log/maillog:Jan 7 16:16:34 test sendmail[529]: starting daemon (8.11.2): S
MTP+queueing@01:00:00
显然把30当成文件了.
试一下:grep "$DD" /var/log/maillog
谢谢各位,问题已经搞定,终于明白一个问题.原来`与'和"的差别这么大呀.
如果'是单引号,"是双引号,那么`算同什么符号呢?
最后结果如下:
(目的是每日检查/var/log/maillog文件,将当天内含有error1和含有error2的行发mail给user@domain.com)
[root@mail lizf]# cat shell01.sh
#!/bin/bash
today=`date +%b%e`
grep "$today" /var/log/maillog|grep "error1"
grep "$today" /var/log/maillog|grep "error2"
然后在cron里加上一行
~/shell01.sh|mail user@domain.com -s `date +%b%e`
