[SunHELP] syslog send a mail
james
james at jdfogg.com
Wed Jan 26 07:35:36 CST 2005
On Wed, 2005-01-26 at 08:18, Cloud L. Lee wrote:
> Thanks ,Matthew and James.
>
> I want it's real time.
> It send a mail immediately after syslog make a message.
> cron isn't real time.
> Is logwatch real time?
Logwatch is configurable, but I don't know how short you can make the
interval.
I think you are headed toward disaster. Just for kicks do this..
tail -f /var/log/somelog|Grep "string" and watch the fun begin. Make it
worse by using egrep -v and adding multiple match strings.
You are going to topple your mail reader with a flood of crap. A ton of
stuff is written to the logfiles. With a 24 hour interval with logwatch
at least its all delivered in one email - sorted and in a digest style.
Unless the system in question is bored (not doing much) you are looking
at too much information to have every "match" entry mailed. And if you
want to see *everything* in syslog you might actually overrun your
mailserver and mail reader.
If your goal is to just see whats going on, do it "live" with tail -f.
More information about the SunHELP
mailing list