logging with shell script


threadhead
12-26-2002, 01:50 PM
Hello there.

I wrote a shell script to view and log all my TCP
connections.

Here's the code:

#!/bin/sh

tail -f /var/log/syslog | grep "PROTO=TCP" > /root/connections.log



tail -f monitors everything actually being written to the file specified. With grep I filter out the desired lines.
With > /root/connections.log I want to keep a clear
log file with all the TCP connections.
When I run the script, I can see the filtered output.
Even the file /root/connections.log creates itself.
BUT nothing is written to the file!

What's wrong with that?

Thanks, threadhead

Stuka
12-26-2002, 04:59 PM
Probably the syslog messages are printed using stderr, not stdout. Try replacing your > logfile with 2> logfile (this will send stderr, not stdout, to the file).

threadhead
12-26-2002, 05:06 PM
That didn't solve the problem. :confused:

uptimenotifier
12-26-2002, 09:42 PM
threadhead,

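Please try this:

tail -f /var/log/syslog | while IFS= read -r LOG_LINE
do
    # quote the variable so whitespace and glob characters in the line are kept as-is
    if printf '%s\n' "$LOG_LINE" | grep -q "PROTO=TCP"
    then
        # append each matching line to the log as soon as it is seen
        printf '%s\n' "$LOG_LINE" >> /root/connections.log
    fi
done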
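
Added example, not part of any post in this thread: when grep's output goes to a file instead of a terminal it is buffered in blocks, so matches from a slow `tail -f` stream can sit in memory for a long time, and a per-line loop like the one above avoids that by writing every match as it arrives. The function name `filter_proto`, its arguments and the sample lines are assumptions made for illustration; unlike the grep in the thread it requires `PROTO=<name>` to be followed by a space or the end of the line.

```shell
#!/bin/sh
# Added example: per-line filter that appends each match immediately.
# filter_proto, its arguments and the sample lines are hypothetical.

# filter_proto PROTO LOGFILE
# Read syslog lines on stdin and append to LOGFILE those containing
# "PROTO=<PROTO>" followed by a space or the end of the line.
filter_proto() {
    proto=$1
    logfile=$2
    # Firewall logs are sensitive: create the file readable by its owner only.
    ( umask 077; : >> "$logfile" ) || return 1
    # IFS= keeps leading whitespace, -r keeps backslashes literal, and the
    # "|| [ -n ... ]" clause handles a final line that has no newline.
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            *"PROTO=$proto "*|*"PROTO=$proto")
                # printf never treats the data as options or escapes;
                # >> opens, writes and closes the file for every match,
                # so nothing waits in a buffer.
                printf '%s\n' "$line" >> "$logfile"
                ;;
        esac
    done
}

# Constructed sample input in the iptables LOG style.
sample_lines() {
    cat <<'EOF'
Dec 26 13:50:01 host kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40000 DPT=22
Dec 26 13:50:02 host kernel: IN=eth0 OUT= SRC=192.0.2.11 DST=192.0.2.1 PROTO=UDP SPT=53 DPT=53
Dec 26 13:50:03 host kernel: IN=eth0 OUT= SRC=192.0.2.12 DST=192.0.2.1 PROTO=TCP SPT=40001 DPT=80
EOF
}

# Live use with the paths from the thread:
#   tail -f /var/log/syslog | filter_proto TCP /root/connections.log
```
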

iDxMan
12-26-2002, 11:46 PM
The script looks fine, so offhand I'm not sure. Although you might have better luck adding an item to syslog.conf to redirect that output to a different file.

-r

threadhead
12-27-2002, 02:55 PM
Thanks for the suggestions.
I'll have a try on both.