Alright, I want to email myself the daily log entries of the /etc/messages log file. What I mean is, for all new lines created on Feb 21, I want them emailed to me on the 22nd. For all new log entries created on Feb 20, I want them emailed to me on Feb 21. Etc...

This is what I have come up with so far.

less messages | grep "Feb 20" | mail -s "Messages Log Output" l-bsdsadasdsad@gmail.com

(I used my real email address in the command line, don't want to post it here for the spammers)

Now this does exactly what I want however I want this done automatically every day. Now I know I can set this up in a cronjob to run at 00:00 every day, but my problem is how do I tell the script to look for "Current Date" in that format? (Three letter month [space] day) I also noticed that if it's a single digit day, then it's (Three letter month [space][space] day)

I also realize that these daily logs could get rather large, especially if a lot was going on that day with the FTP.

You can format the output of date, and embed the output into your grep, eg
(of course, that is the current date, not the previous one; you could run an earlier cronjob to squirrel away the previous day's date instead)

1 members found this post helpful.

Would it even be possible to do the previous day with the date command? Is there a "yesterday" command within' the date command? Hmm..

I got it.

less messages | grep "$(date --date="yesterday" '+%b %e')" | mail -s "Messages Log Output" l-bsdsadasdsad@gmail.com

BTW, instead of having to wade through all messages manually, how about using Logwatch instead? Logwatch can process all sorts of system and daemon logs, comes with support for several services including FTP daemons out of the box, doesn't need much configuration and can email you alerts daily.

Logwatch? Where can I find it?

Google is my friend, I got it installed I think. The README says it should work on it's own, I simply ran the install_logwatch.sh file and it did some stuff, I then changed the default conf file to mail it to my email address, instead of root.

Does it start itself automatically, I don't need to do anything else?

I ran the command

logwatch mailto myemail@email.com

Few seconds later it completed and I got a new email. Will it do this all the time without me telling it to?

LogWatch is freaking awesome, wish I could have found this sooner!!!

Still not sure if this will run every day though or if I'll have to run some kind of cronjob to execute it each day.

Sounds like you did it. If you don't get the emails make sure it runs via cron

The install script may have put in a cron entry for you. Check it out;

Very good point. I looked at what the install script did and found this entry.

ln -s /usr/share/logwatch/scripts/logwatch.pl /etc/cron.daily/0logwatch

So I am thinking it covered that for me.

Alright, I want to email myself the daily log entries of the /etc/messages log file. What I mean is, for all new lines created on Feb 21, I want them emailed to me on the 22nd. For all new log entries created on Feb 20, I want them emailed to me on Feb 21. Etc...

This is what I have come up with so far.

less /var/log/messages | grep "$(date --date="yesterday" '+%b %e')" | mail -s "Messages Log Output" myemail@gmail.com

(I used my real email address in the command line, don't want to post it here for the spammers)

Now this does exactly what I want however I want this done automatically every day. Now I know I can set this up in a cronjob to run at 00:00 every day, but my problem is how do I tell the script to look for "Current Date" in that format? (Three letter month [space] day) I also noticed that if it's a single digit day, then it's (Three letter month [space][space] day)

I also realize that these daily logs could get rather large, especially if a lot was going on that day with the FTP.

This no longer works. I've discovered that less /var/log/messages still displays the output, however then I use grep "$(date --date="yesterday" '+%b %e')" nothing is shown. Message is null. I'm guessing "yesterday" is no longer valid. How can I get this to work now?

Well I figured out it's because /var/log/messages doesn't contain anything from Sep 1, it's been rotated to messages.1. Sigh