Linux Log File Monitor – Do you have Linux log files on your UNIX servers that you’d like to monitor? Are you terrified of the amount of work that will be needed to write an efficient Linux log file monitoring tool? Do you wish to be instructed and/or guided on how to write the best log file monitoring tool or pointed in the direction of where to download one that’s already written?
If any of these Linux log file related questions strike a chord with you, take a look at the commands below.
Syntax: logrobot (logfile) (minutes) (patternA) (patternB) (-found or -show) (warning) (critical)
Command1: logrobot /var/log/messages 60 'error' 'panic' -found 5 10
Command2: logrobot /var/log/messages 60 'error' 'panic' -show 5 10
Can you guess what the above commands do?
The first command (Command1), containing “-found”, tells the logrobot program to scan /var/log/messages for the patterns “error” and “panic”. These are just general patterns and strings; you can substitute them with any string or pattern, as long as they’re within single quotes.
If Command1 finds the two specified strings “error” and “panic” on the same line in the /var/log/messages Linux log file, AND the number of lines containing these words is less than 5, then there is no issue. The program will exit with a 0.
If the number of lines matching the patterns in the log is greater than OR equal to 5 BUT less than 10, then it will exit with a Warning, because that falls in the warning category.
If the number of lines in the log matching the specified patterns is greater than or equal to 10, then the script will exit with a Critical, because that falls in the critical category.
The second command (Command2), containing “-show”, tells the script to OUTPUT (meaning print to your screen) ALL lines in the Linux log file matching the specified patterns. The logrobot tool is told to output only lines that were written to the log within the past 60 minutes. In other words, if you want to pull lines out of your Linux logs based on a time frame, you can do that.
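The counting, time-window and threshold behaviour described above, written out in Python as an added example; this is not logrobot's code, and the function names are hypothetical. It assumes classic syslog timestamps ("Mon DD HH:MM:SS"), that the minutes window applies to the -found count as well as to -show, and exit statuses 1 for warning and 2 for critical (the page only states 0 for no issue).

```python
import re
from datetime import datetime, timedelta

# 0 for "no issue" is from the page; 1 (warning) and 2 (critical) are assumed
# here, following the Nagios plugin convention.
OK, WARNING, CRITICAL = 0, 1, 2

def recent_matches(lines, minutes, pattern_a, pattern_b, now):
    """Lines stamped within the last `minutes` that contain both patterns."""
    cutoff = now - timedelta(minutes=minutes)
    rx_a, rx_b = re.compile(pattern_a), re.compile(pattern_b)
    hits = []
    for line in lines:
        try:
            # Assumed format: classic syslog "Mon DD HH:MM:SS", which has no year.
            stamp = datetime.strptime(f"{now.year} {line[:15]}", "%Y %b %d %H:%M:%S")
            if stamp > now:  # e.g. a December entry read in January
                stamp = stamp.replace(year=now.year - 1)
        except ValueError:
            continue  # no parseable timestamp: cannot place it in the window
        if stamp >= cutoff and rx_a.search(line) and rx_b.search(line):
            hits.append(line)
    return hits

def status_for(count, warning, critical):
    """Map a match count to a status using the page's >= thresholds."""
    if count >= critical:
        return CRITICAL
    if count >= warning:
        return WARNING
    return OK

def check(lines, minutes, pattern_a, pattern_b, warning, critical, now):
    """-found gives the status; -show would print the returned lines."""
    hits = recent_matches(lines, minutes, pattern_a, pattern_b, now)
    return status_for(len(hits), warning, critical), hits

# Constructed sample input, not real log data.
NOW = datetime(2024, 3, 3, 15, 0, 0)
SAMPLE = (
    ["Mar  3 13:30:00 host1 kernel: error: panic in old job"]  # outside 60 min
    + [f"Mar  3 14:{m:02d}:00 host1 kernel: error: panic in worker" for m in range(10, 16)]
    + ["Mar  3 14:20:00 host1 app: error: disk quota exceeded",  # one pattern only
       "    continuation line with error and panic but no timestamp"]
)

if __name__ == "__main__":
    status, hits = check(SAMPLE, 60, "error", "panic", 5, 10, NOW)
    print(status, len(hits))
```

Lines without a parseable timestamp are skipped rather than counted, so multi-line entries such as stack traces contribute only their first line.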
If you need to monitor your Linux system logs, a log scanning tool like the one mentioned above is what you need to write OR download. This new tool brings to the table a unique method of Log Monitoring in Linux that beats out ANY series of frantic tails and greps that you would have otherwise had to run in times of crisis.
Can this Linux Log Monitoring Tool also be used on Sun Solaris systems? Yes, it can.