艾瑞克的 Hexo 空間

[筆記] CentOS Linux 底下,偵測檔案內容異動 發信通知

本文發表於339天之前,文章內容可能已經過時,如有疑問,請聯繫作者。

最近在玩很久以前弄好的Smokeping裡面的Notify功能,希望能在VPN斷線的時候,第一時間得到訊息

雖然設定好了,但感覺Smokeping在送出警告信件的速度有點慢

所以另外找了個方法去檢查 smokeping.log,當檔案內容有異動時,就會發信通知,然後放到crontab裡,每分鐘檢查一次

程式內容如下

 

#!/usr/bin/env bash

#

Provides : Check if a file is changed

#

Limitations : none

Options : none

Requirements : bash, md5sum, cut

#

Modified : 11|07|2014

Author : ItsMe

Reply to : n/a in public

#

Editor : joe

#

#####################################

#

OK - lets work

#

what file do we want to monitor?

I did not include commandline options

but its easy to catch a command line option

and replace the defaul given here

file=/var/log/smokeping.log #設定要監控的目標檔案

path to file’s saved md5sum

I did not spend much effort in naming this file

if you ahve to test multiple files

so just use a commandline option and use the given

file name like: filename=$(basename “$file”)

fingerprintfile=/tmp/.bla.md5savefile #md5計算結果暫存檔

does the file exist? #檢查目標檔案是否存在

if [ ! -f $file ]

then

echo “ERROR: $file does not exist - aborting”

exit 1

fi

create the md5sum from the file to check #計算目標檔案的md5 checksum

filemd5=md5sum $file | cut -d " " -f1

check the md5 and

show an error when we check an empty file #確認不是空檔案

if [ -z $filemd5 ]

then

echo “The file is empty - aborting”

exit 1

else

pass silent

:

fi

do we have allready an saved fingerprint of this file?

if [ -f $fingerprintfile ]

then

yup - get the saved md5

savedmd5=cat $fingerprintfile

check again if its empty

if [ -z $savedmd5 ]

then

echo “The file is empty - aborting”

exit 1

fi

#compare the saved md5 with the one we have now #比對暫存檔和目標檔案的check sum , 如果不相符就寄出信件並附上最後一行

if [ “$savedmd5” = “$filemd5” ]

then

pass silent

:

else

echo “File has been changed”

tail -1 /var/log/smokeping.log |mail -s ‘Alert’ -v [email protected][192.168.10.240]

this does an beep on your pc speaker (probably)

you get this character when you do:

CTRL+V CTRL+G

fi

do we have allready an saved fingerprint of this file?

if [ -f $fingerprintfile ]

then

yup - get the saved md5

savedmd5=cat $fingerprintfile

check again if its empty

if [ -z $savedmd5 ]

then

echo “The file is empty - aborting”

exit 1

fi

#compare the saved md5 with the one we have now

if [ “$savedmd5” = “$filemd5” ]

then

pass silent

:

else

echo “File has been changed”

tail -1 /var/log/smokeping.log |mail -s ‘Alert’ -v [email protected][192.168.10.240]

this does an beep on your pc speaker (probably)

you get this character when you do:

CTRL+V CTRL+G

this is a bit creepy so you can use the ‘beep’ command

of your distro

or run some command you want to

echo

fi

fi

save the current md5

sure you don’t have to do this when the file hasn’t changed

but you know I’m lazy and it works…

echo $filemd5 > $fingerprintfile
 

編輯好之後,就放到crontab去

不過後來覺得有點脫褲子放屁了

實際的狀況會是這樣,由Smokeping發出的信件,和這個偵測機制發出的信件,其實也沒差幾秒鐘

似乎不必另外去偵測了

2017-01-17_08-48-56

 

 

 

avatar
[筆記] 用 grep 找出符合 IP address樣式的紀錄

  1. 1. Provides : Check if a file is changed
  2. 2. Limitations : none
  3. 3. Options : none
  4. 4. Requirements : bash, md5sum, cut
  5. 5. Modified : 11|07|2014
  6. 6. Author : ItsMe
  7. 7. Reply to : n/a in public
  8. 8. Editor : joe
  9. 9. OK - lets work
  10. 10. what file do we want to monitor?
  11. 11. I did not include commandline options
  12. 12. but its easy to catch a command line option
  13. 13. and replace the defaul given here
  14. 14. path to file’s saved md5sum
  15. 15. I did not spend much effort in naming this file
  16. 16. if you ahve to test multiple files
  17. 17. so just use a commandline option and use the given
  18. 18. file name like: filename=$(basename “$file”)
  19. 19. does the file exist? #檢查目標檔案是否存在
  20. 20. create the md5sum from the file to check #計算目標檔案的md5 checksum
  21. 21. check the md5 and
  22. 22. show an error when we check an empty file #確認不是空檔案
  23. 23. pass silent
  24. 24. do we have allready an saved fingerprint of this file?
  25. 25. yup - get the saved md5
  26. 26. check again if its empty
  27. 27. pass silent
  28. 28. echo “File has been changed”
  29. 29. this does an beep on your pc speaker (probably)
  30. 30. you get this character when you do:
  31. 31. CTRL+V CTRL+G
  32. 32. do we have allready an saved fingerprint of this file?
  33. 33. yup - get the saved md5
  34. 34. check again if its empty
  35. 35. pass silent
  36. 36. echo “File has been changed”
  37. 37. this does an beep on your pc speaker (probably)
  38. 38. you get this character when you do:
  39. 39. CTRL+V CTRL+G
  40. 40. this is a bit creepy so you can use the ‘beep’ command
  41. 41. of your distro
  42. 42. or run some command you want to
  43. 43. save the current md5
  44. 44. sure you don’t have to do this when the file hasn’t changed
  45. 45. but you know I’m lazy and it works…