[SOLVED] A script not running since 2nd October 2011

Satyaveer Arya · 12-08-2011, 11:43 PM

Hello Friends,

I had made a script and scheduled it to run 2 times a day.

The Script is given below:

#!/bin/bash
date;
echo $HOSTNAME
uname -a
a=`date +"%b %_d"`;
b=`date +"%b %_d"`;
c=`date +"%b %_d"`;
d=`date +"%b %_d"`;
e=`date +"%b %_d"`;
f=`date +"%b %_d"`;
g=`date +"%b %_d"`;
h=`date +"%b %_d"`;
echo "--------------------------IP HIT-----------------------------------------------"
more /var/log/secure.1 | grep -v "172.16.106" | grep -i ssh2 | grep "$a";
more /var/log/secure | grep -v "172.16.106" | grep -i ssh2 | grep "$b";
more /var/log/secure.1 | grep -v "172.16.106" | grep -i subsystem | grep "$c";
more /var/log/secure | grep -v "172.16.106" | grep -i subsystem | grep "$d";
echo "---------------------------------FTP IP HIT---------------------------------------"
more /var/log/secure.1 | grep -v "172.16.106" | grep -i ftp | grep "$e";
more /var/log/secure | grep -v "172.16.106" | grep -i ftp | grep "$f";
echo "--------------------------------FTP Client LOG--------------------------------"
more /var/log/vsftpd.log.1 | grep ftp | grep "$g";
more /var/log/vsftpd.log | grep ftp | grep "$h";
echo "--------------------------Total HIT-------------------------------------------"
echo "--------------------------Again Monitor---------------------------------------"

And the above mentioned script's output is directed in script.sh file.

And I had made correct entry in crontab file also and the crond service is also running. Below is the Crontab entry:

1 16,22,7 * * * /root/Scripts/Login-Monitor/ssh/script.sh

Now, the problem is that it has stop giving me output after 2nd October 2011.

So, please any idea, help? I will be very thankful to you !

Tinkster · 12-09-2011, 12:28 AM

The first thing to check in this case is your cron logs.

The second thing to check, as always, is whether the "problem" is
w/ your data, in this case the logs. Do they actually contain
any lines that match your varied greps since October 2nd?

On a side note: why you define variables a through h, all
w/ the same content, is beyond me ;}

Cheers,
Tink

Satyaveer Arya · 12-09-2011, 12:56 AM

Hello Tink,

I have checked the cron logs. It shows logs since 4th Dec only and before this date there are no logs in cron file.

I have defined variables a through h showing date for different files.

Cedrik · 12-09-2011, 03:54 AM

What is the idea with running more from non-interactive session ?
I mean more expects to run in a terminal, no ? With scrolling functions, meaning user action.

AnanthaP · 12-09-2011, 04:49 AM

To check out whether cedriks's idea is correct, change the "more"s to '"cat" (assuming redirection is happening in the shell script) as you say

Quote:

And the above mentioned script's output is directed in script.sh file.

What could have happened is that before 2nd October, the outputs were less than one screen full and so there was no problemt.

By the way, 2nd October is the birth anniversary of Mahatma Gandhiji and a public holiday.

You can also check the process status logs. Are the previous day's jobs still running? This would happen if it were waiting for a user response ("more" command).

Also as tink says, why are you assigning the output of "date +"%b %_d" to 8 variables (a .. h)? Further as he says, you can check whether after 2nd Oct (Gandhi Jayanthi, public holiday) do the logs contain anything?

Code:

#!/bin/bash
date;
echo $HOSTNAME
uname -a
a=`date +"%b %_d"`;
echo "--------------------------IP HIT-----------------------------------------------"
cat /var/log/secure.1 | grep -v "172.16.106" | grep -i ssh2 | grep "$a";
cat /var/log/secure | grep -v "172.16.106" | grep -i ssh2 | grep "$a";
cat /var/log/secure.1 | grep -v "172.16.106" | grep -i subsystem | grep "$a";
cat /var/log/secure | grep -v "172.16.106" | grep -i subsystem | grep "$a";
echo "---------------------------------FTP IP HIT---------------------------------------"
cat /var/log/secure.1 | grep -v "172.16.106" | grep -i ftp | grep "$a";
cat /var/log/secure | grep -v "172.16.106" | grep -i ftp | grep "$a";
echo "--------------------------------FTP Client LOG--------------------------------"
cat /var/log/vsftpd.log.1 | grep ftp | grep "$a";
cat /var/log/vsftpd.log | grep ftp | grep "$a";
echo "--------------------------Total HIT-------------------------------------------"
echo "--------------------------Again Monitor---------------------------------------"

David the H. · 12-09-2011, 09:45 AM

All those almost-identical lines...looks like a good place to put a function or two to me.

Also, when you find yourself using a chain of multiple greps, it's probably time to switch to sed or awk instead. We'd probably have to see an example of the input text to come up with a proper solution though.

And hard-coding filenames only means you have to edit the script itself if anything changes. It would be more convenient to at least set them up in variables at the top of the script, or feed them to it as arguments, or even store them in a separate "config" file and source that, rather than using them directly.

theNbomr · 12-10-2011, 12:40 PM

Quote:

Originally Posted by AnanthaP

To check out whether cedriks's idea is correct, change the "more"s to '"cat" (assuming redirection is happening in the shell script) as you say

Actually, both are forms of Useless Use of Cat. Simplify it to

Code:

grep -v "172.16.106" /var/log/secure.1 | grep -i ssh2 | grep "$a";

--- rod.

Satyaveer Arya · 12-11-2011, 01:17 AM

Hey guys,

The problem is solved now. I found that the script's output was directed to some other file. Now it is fixed.

And one more thing, I have removed the unnecessary variables from coding. Now it's ok.

Now I'm marking this thread solved.

Please give reputation if anyone found this thread helpful.

Thank You friends.