Plain & simple:
/var/log/messages shows useless WARNING messages on some of our servers.
Monitoring server Sends email with notifications of said useless WARNINGs.
This causes much Grrr in the noc, as we've been going in and editing the file with vi, hoping to change WARNING to warning and save the file before anything else writes to it.
I've tried executing the following command
sed s/WARNING/warning/g /var/log/messages > /var/log/messages.tmp && mv /var/log/messages.tmp /var/log/messages
It worked as expected, but didn't complain
Some one else tried writing a perl script which basically did the same thing, but would sporadically truncate the file (even worse)
Is there a way that I can tell if syslogng is writing to the file while sed & mv are getting rid of the uglies?