dcaccount

Log file monitoring

Sat May 05, 2018 8:18 pm

Hello,
Is there a way to continuously monitor a log file and to trigger an action, for instance send an email, upon detecting any change?

Thanks,
Dan

droleary

Re: Log file monitoring

Sun May 06, 2018 2:54 am

There are many ways to do that. If you want some pre-packaged software to do something specific, please say exactly what it is you wish to accomplish. For example, you might use fail2ban if you want to keep out attackers.

maurice1

Re: Log file monitoring

Sun May 06, 2018 1:19 pm

Hi Dan,

Script below checks if a file time stamp has updated in the last 10 minutes and sends an email if it hasn't.
Script is called by cron.
Is that the sort of thing you are looking for?

Code:

#!/usr/bin/env python3
# Sends an email when the file has not been modified within the last 10 minutes.
# Intended to be run from cron.

import os
from datetime import datetime, timedelta


file_name = "/var/1w_files/test"
file_mod_time = datetime.fromtimestamp(os.stat(file_name).st_mtime)  # This is a datetime.datetime object!
print("file_mod_time", file_mod_time)
now = datetime.today()
print("now", now)
max_delay = timedelta(minutes=10)
print("max_delay", max_delay)
age = now - file_mod_time
# total_seconds() covers the whole interval; .seconds would drop whole days.
if age > max_delay:
    print("CRITICAL: {} last modified on {}. Threshold set to {} minutes.".format(file_name, file_mod_time, int(max_delay.total_seconds() // 60)))
    os.system("echo 1w_Update Problem | mail -s CS450 me@gmail.com")
else:
    print("OK. Command completed successfully {} minutes ago.".format(int(age.total_seconds() // 60)))

print("########DONE   ##############-")
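
Added example, not part of maurice1's post: a polling check for the same cron setup that goes beyond the mtime test and reports any change to the log, whether appended lines, truncation or rotation. The name `check_log`, the `(inode, offset)` state tuple and the sample log lines are assumptions made for this illustration; the caller keeps the returned state between runs and sends the mail.

```python
import os
import tempfile


def check_log(path, state):
    """One polling pass. state is None on the first run, else the
    (inode, offset) returned last time. Returns (event, new_lines, state)."""
    st = os.stat(path)
    if state is None:
        # Start at the current end so existing entries do not raise an alert.
        return "first-run", [], (st.st_ino, st.st_size)
    inode, offset = state
    if st.st_ino != inode:
        event, offset = "rotated", 0      # a new file now has this name
    elif st.st_size < offset:
        event, offset = "truncated", 0    # file shrank: cleared or overwritten
    elif st.st_size == offset:
        return "unchanged", [], state
    else:
        event = "appended"
    with open(path, "rb") as fh:
        fh.seek(offset)
        data = fh.read()
    # Consume complete lines only; a half-written last line waits for next pass.
    end = data.rfind(b"\n") + 1
    lines = data[:end].decode("utf-8", "replace").splitlines()
    return event, lines, (st.st_ino, offset + end)


def demo():
    """Drive check_log over a constructed log file; return the events seen."""
    seen, state = [], None
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "test.log")          # constructed sample file
        steps = [("w", "boot ok\n"), (None, ""), ("a", "sshd: failed login\nhalf"),
                 ("a", "-line\n"), ("w", "log cleared\n"), ("rotate", "fresh file\n")]
        for mode, text in steps:
            if mode == "rotate":
                os.rename(path, path + ".1")          # old log moved aside
                mode = "w"
            if mode:
                with open(path, mode) as fh:
                    fh.write(text)
            event, lines, state = check_log(path, state)
            seen.append((event, lines))
    return seen

if __name__ == "__main__":
    print(demo())
```

A "truncated" event on a log that is only ever appended to is worth alerting on by itself, since it means earlier entries were removed.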

dcaccount

Re: Log file monitoring

Mon May 07, 2018 11:06 am

YES!
Thanks a lot,
dan
