Searching multiple error keywords in real time Linux log file and send email once found

Hi Experts,

I need to search multiple error keywords in Linux real time log files through shell script.
Below is something I tried and works on command line, it needs to be fine tuned or may be a different approach is needed.

Need your help.

grep -En "fatal|error|WARN|fail" /scripts/log.txt --color=auto > /scripts/log/errors_found.txt

mailx -s "Below are the errors found on host $(hostname)" -E email@email.com < /scripts/log/errors_found.txt

Thanks in Advance!

Sat
S-a-tAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

S-a-tAuthor Commented:
Hi Experts,

I came up with below script and ran as below to search real time Linux log file and send email with line found. So far, it is working as expected.

Need your help to search multiple strings like "No such file or directory" which has spaces in each word.
Also, if I include so many words (probably 10-15 keywords) will that take too much CPU and Memory while running background?

I have to run this script for 6 applications so 6 different logs monitor.

Any other advise is appreciated.

"nohup ./errors_check.sh 0>&- &>/dev/null &"

--------------------------

#!/bin/bash

cd /app/

# WARNING
# No such file or directory
# does not exist
# unable to open
# Can't open
# WARN
# fail
# error
# Error

tail -n 0 -F /app/log.txt | \
while read LINE
do
echo "$LINE" | grep -En "fail|error|WARN|Error|WARNING|unable"
      if [ $? = 0 ]
            then
                  echo -e "$LINE found on $HOSTNAME" | mail -s "Error found on $(hostname)" -E email@email.com
      fi
done

--------------------

Thanks in Advance!
0
murugesandinsShell_script Automation /bin/bash /bin/bash.exe /bin/ksh /bin/mksh.exe AIX C C++ CYGWIN_NT HP-UX Linux MINGW32 MINGW64 SunOS Windows_NTCommented:
@S-a-t
Can you test related code:
#!/bin/bash
RECEIVER_MAIL="email@email.com"
if [[ ! -f /usr/bin/which ]]
then
	echo "/usr/bin/which No such file"
elif [[ ! -f /usr/bin/tr ]]
then
	echo "/usr/bin/tr No such file"
elif [[ ! -f /usr/bin/mail ]]
then
	echo "/usr/bin/mail No such file"
elif [[ ! -f /bin/sed ]]
then
	echo "/bin/sed No such file"
elif [[ ! -f /bin/grep ]]
then
	if [[ ! -f /bin/egrep ]]
	then
		echo "/bin/grep or /bin/egrep No such file";
	else
		EGREP='/bin/egrep ';
	fi
else
	EGREP="/bin/grep -E "
fi
if [[ "" != "$EGREP" ]]
then
	WHICH="/usr/bin/which"
	TR="/usr/bin/tr"
	MAIL="/usr/bin/mail"
	SED="/bin/sed"
	export HOSTNAME_BINARY_LOC=''`$WHICH hostname 2>/dev/null`''
	if [[ "" = "$HOSTNAME_BINARY_LOC" ]]
	then
		echo "hostname binary not found"
	elif [[ ! -d /app ]]
	then
		echo "/app No such directory"
	elif [[ ! -f /app/log.txt ]]
	then
		echo "/app/log.txt No such file"
	else
		HOSTNAME=''`$HOSTNAME_BINARY_LOC | $TR -d "\r"`''
		cd /app/
		# WARNING
		# No such file or directory
		# does not exist
		# unable to open
		# Can't open
		# WARN
		# fail
		# error
		# Error
		$SED "s/ /SPACE/g;s/\r//g;" /app/log.txt | \
		while read LINE
		do
			CURRENTLINE=''`echo -n "$LINE" |\
			$SED "s/SPACE/ /g;"`''
			echo "$CURRENTLINE" |\
			$EGREP "fail|error|WARN|Error|WARNING|unable to open|No such file or directory" >/dev/null 2>&1
			ErrStringFound=$?
			if [ 0 -eq $ErrStringFound ]
			then
				echo "$CURRENTLINE found at $HOSTNAME" | $MAIL -s "Error found at $HOSTNAME" -E $RECEIVER_MAIL
				MAIL_RET=$?
				if [[ 0 -ne $MAIL_RET ]]
				then
					echo "Unable to send following message using $MAIL:"
					echo "$CURRENTLINE found at $HOSTNAME"
				fi
			fi
		done
	fi
fi

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
murugesandinsShell_script Automation /bin/bash /bin/bash.exe /bin/ksh /bin/mksh.exe AIX C C++ CYGWIN_NT HP-UX Linux MINGW32 MINGW64 SunOS Windows_NTCommented:
1. Tested
2. Resolved
3. Inactive for 14 days.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

S-a-tAuthor Commented:
Hi Murugesan,

Sorry that I didn't post results for so long, I was traveling and then got busy.

My apologies for so late response.

I would like to thank you for your time and help.

Sat
1
S-a-tAuthor Commented:
I will post the script for your review, it doesn't have error handling but does the job.
0
murugesandinsShell_script Automation /bin/bash /bin/bash.exe /bin/ksh /bin/mksh.exe AIX C C++ CYGWIN_NT HP-UX Linux MINGW32 MINGW64 SunOS Windows_NTCommented:
ok sure.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.