[brlug-general] file to syslog?
Dustin Puryear
dustin at puryear-it.com
Thu Apr 26 15:48:01 EDT 2007
Yup, you are right. Anyway, we could have written a script, we would
just prefer to see if there is something already out there that we can
use as needed. Thanks though!
--
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com
Author:
"Best Practices for Managing Linux and UNIX Servers"
"Spam Fighting and Email Security in the 21st Century"
Download your free copies:
http://www.puryear-it.com/publications.htm
Eric Ortego wrote:
> Thats not to a local syslog
> it sends to the syslog host 192.168.1.7 <http://192.168.1.7>
>
> On 4/26/07, *Dustin Puryear* < dustin at puryear-it.com
> <mailto:dustin at puryear-it.com>> wrote:
>
> I forgot to mention that we are not using the local syslog. Anyway, we
> found something that will work well. Thanks!
>
> --
> Puryear Information Technology, LLC
> Baton Rouge, LA * 225-706-8414
> http://www.puryear-it.com
>
> Author:
> "Best Practices for Managing Linux and UNIX Servers"
> "Spam Fighting and Email Security in the 21st Century"
>
> Download your free copies:
> http://www.puryear-it.com/publications.htm
>
> Eric Ortego wrote:
> > #!/usr/bin/python
> > import time,os,logging
> > from logging import handlers
> >
> > filename = '/var/log/everything/current'
> > host = '192.168.1.7 <http://192.168.1.7> <http://192.168.1.7>'
> > port = handlers.SYSLOG_UDP_PORT
> >
> > #create logger
> > logger = logging.getLogger("simple logger")
> > logger.setLevel (logging.INFO)
> > #create syslog handler and set level to info
> > myhandler = handlers.SysLogHandler((host,port))
> > myhandler.setLevel (logging.INFO)
> > #create formatter
> > formatter = logging.Formatter ("%(name)s - %(message)s")
> > #add formatter to myhandler
> > myhandler.setFormatter(formatter)
> > #add handlelog to logger
> > logger.addHandler (myhandler)
> >
> > file = open(filename, 'r')
> >
> > #Find the size of the file and move to the end
> > st_results = os.stat(filename)
> > st_size = st_results[6]
> > file.seek(st_size)
> >
> > #"application" code
> > while 1:
> > where = file.tell()
> > line = file.readline()
> > if not line:
> > time.sleep(1)
> > file.seek(where)
> > else:
> > # print line, # already has newline
> > # logger.debug ("debug message")
> > logger.info(line)
> > # logger.warn("warn message")
> > # logger.error("error message")
> > # logger.critical ("critical message")
> >
> >
> >
> > On 4/26/07, *Dustin Puryear* <dustin at puryear-it.com
> <mailto:dustin at puryear-it.com>
> > <mailto:dustin at puryear-it.com <mailto:dustin at puryear-it.com>>> wrote:
> >
> > Oh, woah! I was thinking this used the Perl Tail module. We
> may just
> > tweak.
> >
> > --
> > Puryear Information Technology, LLC
> > Baton Rouge, LA * 225-706-8414
> > http://www.puryear-it.com <http://www.puryear-it.com>
> >
> > Author:
> > "Best Practices for Managing Linux and UNIX Servers"
> > "Spam Fighting and Email Security in the 21st Century"
> >
> > Download your free copies:
> > http://www.puryear-it.com/publications.htm
> <http://www.puryear-it.com/publications.htm>
> >
> > Scott Harney wrote:
> > > -ray wrote:
> > >> I've used the logger command to log to syslog on the
> > localhost. Could you
> > >> pipe the tailed file over ssh to a logger command on the
> syslog
> > host?
> > >> Just an idea :)
> > >>
> > > I have a perl script that a coworker wrote that does a pretty
> > good job
> > > of handling a logrotate, you'd just have to add the system
> callout to
> > > "logger"
> > > #!/usr/local/bin/perl
> > >
> > > $USER = $ENV{'USER'};
> > > $LogToWatch = "/path/to/log";
> > >
> > > FORK: {
> > > if ( $PID = fork) {
> > > # PARENT HERE
> > > # Child process pid available in $PID
> > >
> > > $COUNT = 0;
> > > $SIZE_ORIG = (stat("$LogToWatch"))[7];
> > > while (true) {
> > > $SIZE = (stat("$LogToWatch"))[7];
> > > ############### printf "SIZE:
> > %s\n", $SIZE;
> > > if ($SIZE >= $SIZE_ORIG) {
> > > sleep 5;
> > > } else {
> > > `kill $PID`;
> > > open(LOG,">>
> > /path/to/othertemporary.log");
> > > chomp($DATE = `date`);
> > > printf LOG "$PID
> KILLED FOR
> > > $USER $DATE\n";
> > > close(LOG);
> > > redo FORK;
> > > }
> > > }
> > > } elsif ( defined $PID ) {
> > > # $PID is zero here if defined
> > > # Child here
> > > # parent process pid is available with getppid
> > > printf "HERE WE ARE RESTARTING THE
> 'TAIL'>>> \n";
> > > open(TAIL, "tail -100f $LogToWatch |") || die
> > "Can't do
> > > tail here. $!\n";
> > > while(<TAIL>) {
> > > print;
> > > #system ("logger -p daemon.info
> <http://daemon.info>
> > <http://daemon.info <http://daemon.info>> $_"); # might
> > > work. untested.
> > > }
> > > exit;
> > > } elsif ( $! =~ /No more process/ ) {
> > > # EAGAIN, supposedly recoverable fork error
> > > sleep 5;
> > > redo FORK;
> > > } else {
> > > # weird fork error
> > > die "Can't do fork: $!\n";
> > > }
> > > }
> > >
> > >> ray
> > >>
> > >>
> > >> On Thu, 26 Apr 2007, Dustin Puryear wrote:
> > >>
> > >>
> > >>> Is anyone aware of an existing tool that can tail a log file
> > and direct
> > >>> the contents to a syslog host? If the tool can detect a log
> > rotate that
> > >>> would be even better.
> > >>>
> > >>> Any ideas are welcome, thanks!
> > >>>
> > >>>
> > >>>
> > >>
> > >>
> > >
> > >
> > >
> >
> ------------------------------------------------------------------------
> >
> > >
> > > _______________________________________________
> > > General mailing list
> > > General at brlug.net <mailto:General at brlug.net>
> <mailto:General at brlug.net <mailto:General at brlug.net>>
> > > http://mail.brlug.net/mailman/listinfo/general_brlug.net
> >
> > _______________________________________________
> > General mailing list
> > General at brlug.net <mailto:General at brlug.net>
> <mailto:General at brlug.net <mailto:General at brlug.net>>
> > http://mail.brlug.net/mailman/listinfo/general_brlug.net
> >
> >
> >
> >
> ------------------------------------------------------------------------
> >
> > _______________________________________________
> > General mailing list
> > General at brlug.net <mailto:General at brlug.net>
> > http://mail.brlug.net/mailman/listinfo/general_brlug.net
>
> _______________________________________________
> General mailing list
> General at brlug.net <mailto:General at brlug.net>
> http://mail.brlug.net/mailman/listinfo/general_brlug.net
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> General mailing list
> General at brlug.net
> http://mail.brlug.net/mailman/listinfo/general_brlug.net
More information about the General
mailing list