Re: Monitoring any changes in /var/log/messages to file

On Fri, 11 Jul 2003 10:57:37 +0200, Sergiusz Michalski wrote:
> Hi!
>
> Maybe you hav any good idea how to detect any new changes maked in
> /var/log/messages and write it to new separate file. Any script???
>
> I've tried to use diff program but I need to have 2 files to compare so I
> don't think that this is an optional solution.

Untested code follows:


if [ ! -e /tmp/msg.old ] ; then # day1 create reference file
sum /var/log/messages > /tmp/msg.old
fi

sum /var/log/messages > /tmp/msg.sum
diff /tmp/msg.sum msg.old
if [ ! $? ] ; then
cp /var/log/messages /some/where/messages_$(date +%F_%H_%M)
cp /tmp/msg.sum /tmp/msg.old
mail -s "/var/log/messages changed" root < /dev/null
fi

thats it, thx

U¿ytkownik "Bit Twister" <BitTwister@localhost.localdomain> napisa³ w
wiadomo¶ci news:slrnbgtiv2.1ui.BitTwister@wb.home...
> On Fri, 11 Jul 2003 10:57:37 +0200, Sergiusz Michalski wrote:
> > Hi!
> >
> > Maybe you hav any good idea how to detect any new changes maked in
> > /var/log/messages and write it to new separate file. Any script???
> >
> > I've tried to use diff program but I need to have 2 files to compare so
I
> > don't think that this is an optional solution.
>
> Untested code follows:
>
>
> if [ ! -e /tmp/msg.old ] ; then # day1 create reference file
> sum /var/log/messages > /tmp/msg.old
> fi
>
> sum /var/log/messages > /tmp/msg.sum
> diff /tmp/msg.sum msg.old
> if [ ! $? ] ; then
> cp /var/log/messages /some/where/messages_$(date +%F_%H_%M)
> cp /tmp/msg.sum /tmp/msg.old
> mail -s "/var/log/messages changed" root < /dev/null
> fi