forked from jantman/misc-scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsyslogAgeChecker.php
More file actions
executable file
·162 lines (146 loc) · 6.06 KB
/
syslogAgeChecker.php
File metadata and controls
executable file
·162 lines (146 loc) · 6.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
#!/usr/bin/php
<?php
/**
* simple script to check time of last syslog line in some files, and send mail if >= X seconds
* useful in cases where syslog seems to be hanging, or remote logs seem to never showing up.
*
* This is intended only for those cases where you need something quick and dirty, not too efficient, and just to send email.
*
* Copyright 2011-2014 Jason Antman <jason@jasonantman.com> <http://www.jasonantman.com>
*
* You may use and redistribute this script in any way you see fit, provided that the following three terms are met:
* 1) You keep this entire notice, and all names, email addresses, and URLs, intact.
* 2) You send any changes/features/bug fixes back to me at the above address or via a Pull Request.
* 3) You update the below changelog.
*
******************************************************************************************
* The canonical source of the latest version of this script is:
* https://github.com/jantman/misc-scripts/blob/master/syslogAgeChecker.php
******************************************************************************************
* CHANGELOG:
* 2014-12-26 jason@jasonantman.com:
* - update with GitHub URL for script
* 2011-09-28 jason@jasonantman.com:
* - initial version
******************************************************************************************
*/
$EMAIL_TO = array('jantman@oit.rutgers.edu');
$LOCKFILE = "/root/syslogAgeChecker.lock";
$MAX_NOTIF_INTVL = 600; // in seconds - 600 = 10 minutes
if(isset($argv[1]) && $argv[1] == "--debug"){ define("DEBUG", true);} else { define("DEBUG", false);}
if(DEBUG){ fwrite(STDERR, "\tgetmyuid=".getmyuid()." getmygid=".getmygid()." get_current_user=".get_current_user()." posix_geteuid=".posix_geteuid()." posix_getegid=".posix_getegid()." posix_getuid=".posix_getuid()."\n");}
if(file_exists($LOCKFILE) && (time() - filemtime($LOCKFILE)) > $MAX_NOTIF_INTVL)
{
// we already sent out a notification in the last 10 minutes. Just bail out.
exit(0);
}
// else remove the (stale) lockfile if it's still there
if(file_exists($LOCKFILE)){ unlink($LOCKFILE);}
$DATE_PART = date("Y/m/d"); // date portion of path to syslog files
$FILES = array();
// array of FullPath => Max_Seconds_Old
$FILES["/var/log/messages"] = 120;
$FILES["/var/log/HOSTS/172.16.25.114/".$DATE_PART."/local2.log"] = 120;
$FILES["/var/log/HOSTS/172.16.25.124/".$DATE_PART."/local1.log"] = 120;
$FILES["/var/log/HOSTS/172.16.25.126/".$DATE_PART."/local1.log"] = 120;
$hostname = trim(shell_exec("hostname"));
$output = "Syslog Age Checker on $hostname\n\n";
$OK = true;
// loop
foreach($FILES as $fname => $threshold)
{
if(DEBUG){ fwrite(STDERR, "\tdoing file $fname thresh=$threshold\n");}
$line = getLastLine($fname);
if(DEBUG){ fwrite(STDERR, "\tgot line as ".($line !== false ? "'$line'" : 'False')."\n");}
if($line === false)
{
$output .= "ERROR - ".$fname." - Error reading file or file empty.\n";
$OK = false;
}
else
{
$date = dateFromSyslog($line);
if(DEBUG){ fwrite(STDERR, "\tgot date as $date (".date("Y-m-d H:i:s", $date).")\n");}
$age = time() - $date;
if($age >= $threshold)
{
if(DEBUG){ fwrite(STDERR, "\tage ($age) >= threshold ($threshold)\n");}
$output .= "PROBLEM - ".$fname." last line age=".prettyTime($age)." (".date("H:i:s", $date).")\n";
$OK = false;
}
else
{
if(DEBUG){ fwrite(STDERR, "\tage ($age) < threshold ($threshold)\n");}
$output .= $fname." last line age=".prettyTime($age)." (".date("H:i:s", $date).")\n";
}
}
}
$output .= "\n\nMail will not be sent again for another ".prettyTime($MAX_NOTIF_INTVL)."\n";
$output .= "\n\n\nMail generated by ".__FILE__." running on ".$hostname." at ".date("r")."\n";
if(! $OK)
{
if(DEBUG){ fwrite(STDERR, "\tNOT OK, writing output...\n");}
echo $output;
foreach($EMAIL_TO as $addr)
{
if(DEBUG){ fwrite(STDERR, "\tsending mail to $addr\n");}
mail($addr, "syslogAgeChecker on $hostname - PROBLEM", $output);
}
touch($LOCKFILE);
if(DEBUG){ fwrite(STDERR, "\ttouched $LOCKFILE\n");}
}
/**
* Parse the date out of a syslog line, return as an integer timestamp.
*
* Returns boolean False on error. Expects date to be at the beginning of the syslog line,
* in standard (traditional) syslog date format, that is, matching:
*
* @param string $line the full syslog line
* @return integer or False on error
*/
function dateFromSyslog($line)
{
$ptn = "/^(\S{3}\s{1,2}\d{1,2} \d{2}:\d{2}:\d{2})/";
$matches = array();
$foo = preg_match($ptn, $line, $matches);
if(! $foo){ return false;}
return strtotime($matches[0]);
}
/**
* Return the last line of a file, or FALSE on error or empty file
*
* This currently uses a shell_exec("tail -1 $fname"). I'm aware this may cause some issues, but AFAIK it's more
* efficient than any of the PHP file handling.
*
* @param string $fname the full path to the file
* @return string or False
*/
function getLastLine($fname)
{
if(DEBUG){ fwrite(STDERR, "\t-> entering getLastLine($fname)\n");}
/*
if(! is_file($fname) || ! is_readable($fname) || filesize($fname) < 1)
{
if(DEBUG){ fwrite(STDERR, "\t-> failed is_file test or is_readable test, returning false\n");}
if(DEBUG){ fwrite(STDERR, "\t is_file returns ".(is_file($fname) ? 'true' : 'false')." is_readable returns ".(is_readable($fname) ? 'true' : 'false')." filesize returns ".filesize($fname)."\n");}
return false;
}
*/
$cmd = "tail -1 ".escapeshellarg($fname);
if(DEBUG){ fwrite(STDERR, "\t-> executing command: $cmd\n");}
$line = trim(shell_exec($cmd));
if(DEBUG){ fwrite(STDERR, "\t-> got raw line as '$line'\n");}
if(strlen($line) < 1){ if(DEBUG){ fwrite(STDERR, "\t-> strlen($line) < 1, returning false\n");} return false;}
return $line;
}
function prettyTime($t)
{
$s = "";
if($t > 86400){ $s .= ((int)($t / 86400))."d "; $t = $t - (((int)($t / 86400)) * 86400);}
if($t > 3600){ $s .= ((int)($t / 3600))."h "; $t = $t - (((int)($t / 3600)) * 3600);}
if($t > 60){ $s .= ((int)($t / 60))."m "; $t = $t - (((int)($t / 60)) * 60);}
if($t != 0){ $s .= $t."s";}
if(trim($s) == ""){ return "0s";}
return trim($s);
}
?>