Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Automatic E-mail Notification

Posted on 2000-04-11
14
294 Views
Last Modified: 2010-04-21
How will I'm going to configure my server, so that if it encounters a system error (especially those that are redirected to the system's console or those errors that is being appended in /var/adm/messages file), it will automatically sends me an e-mail ?  Can I also configure the messages that is being appended in /var/adm/sulog and /var/adm/lastlog to automatically redirected to my e-mail ?
0
Comment
Question by:encilar
  • 6
  • 5
  • 3
14 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2706317
You do those things by modifying syslod.conf. It's responsible for directing the notices and error messages to various places, including /var/adm/messages, the console, and via email. You probably don't want everything sent to you by email, but if you read the manpages for syslogd and/or syslogd.conf you'll find that you've good pretty good control on what level of notice you simply log and what you email.
0
 

Author Comment

by:encilar
ID: 2706371
Can you Please give me an example syslog.conf entry where I want to redirect Warning Messages (grep Warning) from /var/adm/messages to my E-mail Address ?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2706491
I may have spoken to quickly. I do this for certain things on Linux but I use a named pipe implemented by a perl script that mails the message. That might or might not be possible on your system, what Unix are you on?
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:encilar
ID: 2706534
I'm working with SunOS / Solaris 7 (Unix System V)
0
 

Expert Comment

by:sgoldgaber
ID: 2710386
For simple log filtering, check out Swatch:

  ftp://ftp.cert.dfn.de/pub/tools/audit/swatch/

If you want to get more sophisticated, LogSurfer should help:

  http://www.cert.dfn.de/eng/logsurf/

0
 

Author Comment

by:encilar
ID: 2710418
Thank you guys. As our system is concerned, as much as possible I have no plans of installing another third party software in our system just to do this task.  But If you can give me a sample of a short script that can do this, I would be very grateful.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2710434
Are you adverse to perl? The solution that I'm playing with needs it to work. For what it's work Sun includes Perl5 in Solaris 8...
0
 

Author Comment

by:encilar
ID: 2710451
I'm sorry, but I can only work with Bourne and Korn Shell. The Solaris Version that we have is 2.6 and 7.
0
 

Expert Comment

by:sgoldgaber
ID: 2710491
Well, to be really crude and ugly, you could create a crontab entry that runs every 5mins, and mails you the tail end of the log:

5 * * * * tail -f /var/adm/sulog | mailx you@your.domain.com
0
 

Author Comment

by:encilar
ID: 2710572
What I really want is an automatic e-mail notifcation.  For example if someone uses the su command, thats only the time the system will send me a notification.  Another example is, if During the week, our system encounters a Warning message in /var/adm/messages and it occurs only once, it will then sends me a notification once also, if twice occurence then twice notification also.
0
 

Expert Comment

by:sgoldgaber
ID: 2710611
To modify the ugly crontab solution:

5 * * * * tail -f /var/adm/sulog | grep "Warning" | mailx you@your.domain.com


Also, to elaborate on the syslog suggestion, put in something like the following in to your syslog.conf:

*.err                         myfilter

NOTE: "err" refers to the actual severity level that you use for your logfiles.
NOTE2: make sure you use tabs, not spaces between the two fields

Create an account called myfilter.  Then, in ~myfilter/.forward put:

|grep "Warning" | mail you@your.domain.com

That's my last try to hack this.  Despite your reluctance to put yet another third party app "just for this", I strongly suggest you investigate swatch and/or logsurfer.  They were designed to do just what you want, and as your needs grow and the number and complexity of logfiles and patterns that you search for increases, you'll be grateful you've invested a little time/space to install a dedicated log filtering app.
0
 

Accepted Solution

by:
sgoldgaber earned 50 total points
ID: 2710625
To modify the ugly crontab solution:

5 * * * * tail -f /var/adm/sulog | grep "Warning" | mailx you@your.domain.com


Also, to elaborate on the syslog suggestion, put in something like the following in to your syslog.conf:

*.err                         myfilter

NOTE: "err" refers to the actual severity level that you use for your logfiles.
NOTE2: make sure you use tabs, not spaces between the two fields

Create an account called myfilter.  Then, in ~myfilter/.forward put:

|grep "Warning" | mail you@your.domain.com

That's my last try to hack this.  Despite your reluctance to put yet another third party app "just for this", I strongly suggest you investigate swatch and/or logsurfer.  They were designed to do just what you want, and as your needs grow and the number and complexity of logfiles and patterns that you search for increases, you'll be grateful you've invested a little time/space to install a dedicated log filtering app.
0
 

Expert Comment

by:sgoldgaber
ID: 2710641
Sorry about the duplicate message.  I guess hitting "Reload" after submitting the comment wasn't such a good idea... **SHEEPISH GRIN**
0
 

Author Comment

by:encilar
ID: 2710644
Thank you for all your persistence in answering my  question... 'Till then...
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sparc Solaris hangs without crash dump & no events from messages 3 87
can't umount nfs share after server goes offline... 4 92
Shell Script on AIX 7 112
awk sed 8 67
Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question