Script to email changes in a file

Submitted by madvip on Fri, 02/01/2008 - 12:48.

Suppose you want to email changes in the Oracle's alert log, or maybe syslog's messages, it would be nice to email new 'tailed' entries. Something like tail -f logfile | mailx ... won't work as tail -f will never pipe any output. The idea is to take a snapshot of the file every x minutes, archive it, take another snapshot after x minutes, diff the two files, and email the changes. Then you roundrobin the snapshot and repeat the whole process:

crontab -l
*/5 * * * * /usr/local/bin/swatch-action.sh > /dev/null 2>&1

[root]# cat /usr/local/bin/swatch-action.sh
#!/bin/bash

# Script to see if new actions were generated from swatch
# and email to sysops

ACTION_FILE=/var/log/log-file-snap
CP_ACTION_FILE=/var/log/cp-log-file-snap


[ -f $ACTION_FILE ] || touch $ACTION_FILE
[ -f $CP_ACTION_FILE ] || touch $CP_ACTION_FILE

NUMBER_OF_CHANGES=`diff $ACTION_FILE $CP_ACTION_FILE | wc -l`

if [ $NUMBER_OF_CHANGES -gt 1 ]; then

        # Number of changes is 1 to many because of the way diff outputs
        NUMBER_OF_CHANGES=$(($NUMBER_OF_CHANGES - 1))

        #email changes
        comm -3 $ACTION_FILE $CP_ACTION_FILE | mail -sx "Log file
-- $NUMBER_OF_CHANGES event(s)" sysops
        # Copy file to new file, so diff doesn't keep finding differences
        cp -fp $ACTION_FILE $CP_ACTION_FILE

fi

Here I am using the comm -3 command which will display entries not found in the older snapshot.

Categories

Exits

Script to email changes in a file