Solved

Automatic E-mail Notification

Posted on 2000-04-11
14
288 Views
Last Modified: 2010-04-21
How will I'm going to configure my server, so that if it encounters a system error (especially those that are redirected to the system's console or those errors that is being appended in /var/adm/messages file), it will automatically sends me an e-mail ?  Can I also configure the messages that is being appended in /var/adm/sulog and /var/adm/lastlog to automatically redirected to my e-mail ?
0
Comment
Question by:encilar
  • 6
  • 5
  • 3
14 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2706317
You do those things by modifying syslod.conf. It's responsible for directing the notices and error messages to various places, including /var/adm/messages, the console, and via email. You probably don't want everything sent to you by email, but if you read the manpages for syslogd and/or syslogd.conf you'll find that you've good pretty good control on what level of notice you simply log and what you email.
0
 

Author Comment

by:encilar
ID: 2706371
Can you Please give me an example syslog.conf entry where I want to redirect Warning Messages (grep Warning) from /var/adm/messages to my E-mail Address ?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2706491
I may have spoken to quickly. I do this for certain things on Linux but I use a named pipe implemented by a perl script that mails the message. That might or might not be possible on your system, what Unix are you on?
0
 

Author Comment

by:encilar
ID: 2706534
I'm working with SunOS / Solaris 7 (Unix System V)
0
 

Expert Comment

by:sgoldgaber
ID: 2710386
For simple log filtering, check out Swatch:

  ftp://ftp.cert.dfn.de/pub/tools/audit/swatch/

If you want to get more sophisticated, LogSurfer should help:

  http://www.cert.dfn.de/eng/logsurf/

0
 

Author Comment

by:encilar
ID: 2710418
Thank you guys. As our system is concerned, as much as possible I have no plans of installing another third party software in our system just to do this task.  But If you can give me a sample of a short script that can do this, I would be very grateful.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2710434
Are you adverse to perl? The solution that I'm playing with needs it to work. For what it's work Sun includes Perl5 in Solaris 8...
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:encilar
ID: 2710451
I'm sorry, but I can only work with Bourne and Korn Shell. The Solaris Version that we have is 2.6 and 7.
0
 

Expert Comment

by:sgoldgaber
ID: 2710491
Well, to be really crude and ugly, you could create a crontab entry that runs every 5mins, and mails you the tail end of the log:

5 * * * * tail -f /var/adm/sulog | mailx you@your.domain.com
0
 

Author Comment

by:encilar
ID: 2710572
What I really want is an automatic e-mail notifcation.  For example if someone uses the su command, thats only the time the system will send me a notification.  Another example is, if During the week, our system encounters a Warning message in /var/adm/messages and it occurs only once, it will then sends me a notification once also, if twice occurence then twice notification also.
0
 

Expert Comment

by:sgoldgaber
ID: 2710611
To modify the ugly crontab solution:

5 * * * * tail -f /var/adm/sulog | grep "Warning" | mailx you@your.domain.com


Also, to elaborate on the syslog suggestion, put in something like the following in to your syslog.conf:

*.err                         myfilter

NOTE: "err" refers to the actual severity level that you use for your logfiles.
NOTE2: make sure you use tabs, not spaces between the two fields

Create an account called myfilter.  Then, in ~myfilter/.forward put:

|grep "Warning" | mail you@your.domain.com

That's my last try to hack this.  Despite your reluctance to put yet another third party app "just for this", I strongly suggest you investigate swatch and/or logsurfer.  They were designed to do just what you want, and as your needs grow and the number and complexity of logfiles and patterns that you search for increases, you'll be grateful you've invested a little time/space to install a dedicated log filtering app.
0
 

Accepted Solution

by:
sgoldgaber earned 50 total points
ID: 2710625
To modify the ugly crontab solution:

5 * * * * tail -f /var/adm/sulog | grep "Warning" | mailx you@your.domain.com


Also, to elaborate on the syslog suggestion, put in something like the following in to your syslog.conf:

*.err                         myfilter

NOTE: "err" refers to the actual severity level that you use for your logfiles.
NOTE2: make sure you use tabs, not spaces between the two fields

Create an account called myfilter.  Then, in ~myfilter/.forward put:

|grep "Warning" | mail you@your.domain.com

That's my last try to hack this.  Despite your reluctance to put yet another third party app "just for this", I strongly suggest you investigate swatch and/or logsurfer.  They were designed to do just what you want, and as your needs grow and the number and complexity of logfiles and patterns that you search for increases, you'll be grateful you've invested a little time/space to install a dedicated log filtering app.
0
 

Expert Comment

by:sgoldgaber
ID: 2710641
Sorry about the duplicate message.  I guess hitting "Reload" after submitting the comment wasn't such a good idea... **SHEEPISH GRIN**
0
 

Author Comment

by:encilar
ID: 2710644
Thank you for all your persistence in answering my  question... 'Till then...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now