[Cu-wireless] reliable network logging?
stephane at shimaore.net
stephane at shimaore.net
Tue Nov 18 23:54:04 CST 2003
Hi,
On Mon, 10 Nov 2003, David Young wrote:
> SMTP does seem to meet the requirements. What will the "glue" between
> syslog and the MTA look like?
Gee, sorry Dave, I completely missed that email. (Probably didn't help
that I was out of town.)
What about something like this (think "logrotate"):
#!/bin/sh
# /usr/local/bin/syslog-rotate-smtp.sh
# This code is hereby put in the public domain. :D
#
## Move old syslog files out of the way.
rm /var/log/syslog.9.gz
## Shift the other ones
mv /var/log/syslog.8.gz/var/log/syslog.9.gz
## etc. I'm kinda going with a sledgehammer here.
mv/var/log/syslog.2.gz /var/log/syslog.3.gz
gzip /var/log/syslog.1
mv /var/log/syslog.1.gz /var/log/syslog.2.gz
mv /var/log/syslog /var/log/syslog.1
## So we renamed the open file syslog was using.
## Now tell syslog to open a new one.
kill -HUP `cat /var/run/syslog.pid`
##
## If you already have a logrotate, simply add something like:
##
mail -s "Last log" $LOGGERMAIL < /var/log/syslog.1
#
# However it may be a good idea to first filter the content of syslog.1
# in order to avoid somebody trying to crash mail with bad syslog entries
# (eg extremely long lines). Or simply uuencode / base64 syslog.1 before
# piping it into the mail program.
#
# END
And then add something along the lines of
0 * * * * /usr/local/sbin/syslog-rotate-smtp.sh
to crontab.
On the other end, use a list archiver for $LOGGERMAIL in order to get the
logs (a) on a web server and (b) archived. (Getting the uudecode /
unbase64 filter in the pipe is left as an excercise to the reader, I
guess.)
S.
More information about the CU-Wireless
mailing list