LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   perl/bash script to monitor all processes running in my machine (https://www.linuxquestions.org/questions/linux-security-4/perl-bash-script-to-monitor-all-processes-running-in-my-machine-343067/)

pudhiyavan 07-14-2005 04:30 AM
perl/bash script to monitor all processes running in my machine
 
hi

i would like to monitor the processes running in my linux machine,
ps ax >> day1.txt
ps ax>> day2.txt
diff day1.txt day2.txt

from here if there is any new process, there should be a mail forwarded to my mail id,

i am very much new to this perl script, if anyone has similar kind of perl script please help me

thanks

sigsegv 07-14-2005 02:49 PM
You can't do this with diff. The output of ps ax is going to change daily regardless of if there are new processes or not. The CPU time, state information and so forth are going to change constantly.

Having said that, you could do the whole thing in sh with a combination of ps, awk, sort, diff and mail. If you'd like an example, reply back.

trickykid 07-14-2005 04:29 PM
Quote:
Originally posted by sigsegv
You can't do this with diff. The output of ps ax is going to change daily regardless of if there are new processes or not. The CPU time, state information and so forth are going to change constantly.

Having said that, you could do the whole thing in sh with a combination of ps, awk, sort, diff and mail. If you'd like an example, reply back.
Or just setup a monitoring application like nagios.. ;)

pudhiyavan 07-18-2005 01:57 AM
thanks sigsegv

I would like to have an example?

will you please guide me?

sigsegv 07-19-2005 02:09 PM
Something like this should do the trick:

Code:
#!/bin/sh

# Set this to your email
EMAIL=you@yourdomain.com

# If this has already been run before, /root/pslist.tmp should be there from the last run
# If it is, it needs to be in /root/pslist.txt so that we can compare the two
if [ -f /root/pslist.tmp ]; then
    mv /root/pslist.tmp /root/pslist.txt
fi

# Get the process list and sort them alphabetically
ps ax | awk '{print $1"\n"}'  | sort > /root/pslist.tmp
# diff with the process list from the last time we ran
diff /root/pslist.txt /root/pslist.tmp >> /dev/null

# If this conditional is true, the files are different. Let's mail the report
if [ $? ]; then
    DIFF=`diff /root/pslist.txt /root/pslist.tmp`
    echo "The processes between this run and the last run differ. You can see the full list at /root/pslist.txt and /root/pslist.tmp.      $DIFF" | mail $EMAIL
fi
This isn't tested at all, but I think it'll work, and if not it shouldn't take much to make it work.


All times are GMT -5. The time now is 06:48 PM.