Difference between revisions of "Errornotify"

From James Dooley's Wiki
Jump to: navigation, search
(Overview)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
[[Category:Scripts]]
 
==Overview==
 
==Overview==
 
A simple script I wrote to email me a summery of apache error messages in the last 24 hours.
 
A simple script I wrote to email me a summery of apache error messages in the last 24 hours.
Line 6: Line 7:
 
==Script==
 
==Script==
  
<code>[bash,n]#!/bin/bash
+
<source lang='bash'>
grep "`date | cut -d " " -f2,3`" /usr/local/apache/logs/error_log | grep -v "ModSec" | cut -d "]" -f2- | sort | uniq -c | sort -nr > unformatted.txt
+
#!/bin/bash
grep "`date | cut -d " " -f2,3`" /usr/local/apache/logs/error_log | grep "ModSec" | cut -d "]" -f2- | sort | cut -d "]" -f1,3- | rev | cut -d "[" -f2- | rev | sort | uniq -c | sort -nr > modsec.txt
 
  
 +
acctlist="jamesdoo;jamesdooley.us;james@jamesdooley.us devize;devize.us;james@jamesdooley.us"
  
echo -e "Daily Apache Error report for server1.infusedsites.com \n\n\n" > email.txt
+
servername="server1.infusedsites.com"
 +
masteremail="server@infusedsites.com"
  
echo -e "\n\n====Error Messages====\n" >> email.txt
+
logperiod=`date +"%b %d"`
grep "\[error\]" unformatted.txt >> email.txt
+
fulllogs=`grep "$logperiod" /usr/local/apache/logs/error_log`
 +
modseclogs=`echo "$fulllogs" | grep "ModSec" | cut -d "]" -f2- | sort | cut -d "]" -f1,3- | rev | cut -d "[" -f2- | rev | sort | uniq -c | sort -nr`
 +
remaininglogs=`echo "$fulllogs" | grep -v "ModSec" | cut -d "]" -f2- | sort | uniq -c | sort -nr`
  
echo -e "\n\n====Warnings====\n"       >> email.txt
+
function masterlogs {
grep "\[warn\]" unformatted.txt >> email.txt
+
echo -e "Daily Apache Error report for $servername \n\n\n" > email.txt
 +
echo -e "\n\n====Error Messages====\n" >> email.txt
 +
echo "$remaininglogs" | grep "\[error\]" >> email.txt
 +
echo -e "\n\n====Warnings====\n" >> email.txt
 +
echo "$remaininglogs" | grep "\[warn\]" >> email.txt
 +
echo -e "\n\n====Notice====\n"  >> email.txt
 +
echo "$remaininglogs" | grep "\[notice\]" >> email.txt
 +
echo -e "\n\n====ModSec====\n" >> email.txt
 +
echo "$modseclogs" >> email.txt
 +
 +
cat email.txt | mail -s "Daily Apache Error Log Report" $masteremail
 +
}
  
echo -e "\n\n====Notice====\n"  >> email.txt
+
function processacctlogs {
grep "\[notice\]" unformatted.txt >> email.txt
+
user=`echo $1 | cut -d ";" -f1`
 +
domain=`echo $1 | cut -d ";" -f2`
 +
email=`echo $1 | cut -d ";" -f3`
 +
 +
domainlogs=`echo "$remaininglogs" | grep "$domain\|$user"`
 +
domainmodsec=`echo "$modseclogs" | grep "$domain\|$user"`
 +
 +
echo -e "Daily Apache error report for $domain \n\n\n" > email.txt
 +
echo -e "\n\n====Error Messages====\n" >> email.txt
 +
echo "$domainlogs" | grep "\[error\]" >> email.txt
 +
echo -e "\n\n====Warnings====\n" >> email.txt
 +
echo "$domainlogs" | grep "\[warn\]" >> email.txt
 +
echo -e "\n\n====Notice====\n"  >> email.txt
 +
echo "$domainlogs" | grep "\[notice\]" >> email.txt
 +
echo -e "\n\n====ModSec====\n" >> email.txt
 +
echo "$domainmodsec" >> email.txt
 +
 +
cat email.txt | mail -s "Daily Apache error log report for $domain" $email
 +
}
  
 +
masterlogs;
 +
for account in $(echo $acctlist);
 +
do
 +
processacctlogs $account
 +
done
  
echo -e "\n\n====ModSec====\n" >> email.txt
+
rm -f email.txt
cat modsec.txt >> email.txt
+
</source>
 
 
cat email.txt | mail -s "Daily Apache Error Log Report" james@jamesdooley.us
 
 
 
rm -f modsec.txt unformatted.txt email.txt
 
</code>
 
  
 
==What to change==
 
==What to change==

Latest revision as of 14:32, 25 March 2014

Overview

A simple script I wrote to email me a summery of apache error messages in the last 24 hours.

Cuts out uniq data such as IP addresses and unique_ids for modsec.

Script

#!/bin/bash

acctlist="jamesdoo;jamesdooley.us;james@jamesdooley.us devize;devize.us;james@jamesdooley.us"

servername="server1.infusedsites.com"
masteremail="server@infusedsites.com"

logperiod=`date +"%b %d"`
fulllogs=`grep "$logperiod" /usr/local/apache/logs/error_log`
modseclogs=`echo "$fulllogs" | grep "ModSec" | cut -d "]" -f2- | sort | cut -d "]" -f1,3- | rev | cut -d "[" -f2- | rev | sort | uniq -c | sort -nr`
remaininglogs=`echo "$fulllogs" | grep -v "ModSec" | cut -d "]" -f2- | sort | uniq -c | sort -nr`

function masterlogs {
	echo -e "Daily Apache Error report for $servername \n\n\n" > email.txt
	echo -e "\n\n====Error Messages====\n" >> email.txt
	echo "$remaininglogs" | grep "\[error\]" >> email.txt
	echo -e "\n\n====Warnings====\n" >> email.txt
	echo "$remaininglogs" | grep "\[warn\]" >> email.txt
	echo -e "\n\n====Notice====\n"  >> email.txt
	echo "$remaininglogs" | grep "\[notice\]" >> email.txt
	echo -e "\n\n====ModSec====\n" >> email.txt
	echo "$modseclogs" >> email.txt
 
	cat email.txt | mail -s "Daily Apache Error Log Report" $masteremail
}

function processacctlogs {
	user=`echo $1 | cut -d ";" -f1`
	domain=`echo $1 | cut -d ";" -f2`
	email=`echo $1 | cut -d ";" -f3`
	
	domainlogs=`echo "$remaininglogs" | grep "$domain\|$user"`
	domainmodsec=`echo "$modseclogs" | grep "$domain\|$user"`
	
	echo -e "Daily Apache error report for $domain \n\n\n" > email.txt
	echo -e "\n\n====Error Messages====\n" >> email.txt
	echo "$domainlogs" | grep "\[error\]" >> email.txt
	echo -e "\n\n====Warnings====\n" >> email.txt
	echo "$domainlogs" | grep "\[warn\]" >> email.txt
	echo -e "\n\n====Notice====\n"  >> email.txt
	echo "$domainlogs" | grep "\[notice\]" >> email.txt
	echo -e "\n\n====ModSec====\n" >> email.txt
	echo "$domainmodsec" >> email.txt
	
	cat email.txt | mail -s "Daily Apache error log report for $domain" $email
}

masterlogs;
for account in $(echo $acctlist);
do
	processacctlogs $account
done

rm -f email.txt

What to change

Retrieved from "http://wiki.jamesdooley.us/index.php?title=Errornotify&oldid=576"