#!/bin/ksh # # newsyslog.HTC # # Usage: # # newsyslog.HTC # # There are no command line parameters at this time # # Dependencies: # # Uses the confifuration file /usr/lib/newsyslog.conf to determine what files will be # rotated in relation to the calendar date. If this file is not present, the Script # will abend and email the designated administrator. # # The syntax of the configuration file is as follows ... # # # Comments are permitted under the standard notation with a '#' at the start # # of the designated line. # # Blank lines are not permitted at this time # /var/adm/messages # # Notes: # # Several actions exist with the script but are commented out as there is no generally # recognized default value. Otherwise the command is complete with the exception of the # designated values noted with < value >. # # Created on Monday, May 19, 2003 by Mark Leighty ( mleighty@harfordtechnology.com ) # # Copyright (2003) Harford Technology Corporation. With the exception of commercial # resale, lease, license or other commercial transactions, permission is granted to # use, copy, modify, and distribute this software. By exercising this permission you # agree, that this Notice will accompany this software at all times. # # Harford Technology Corporation MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND # CONCERNING THIS SOFTWARE OR USE THEREOF. # # # ----------------------------------------------------------------------------- # # Revision Log # # ----------------------------------------------------------------------------- # VERSION=0.86 # mleighty@harfordtechnology.com # Still some rough edges but good enough to begin testing at a 'beta' level. Will # deploy as possible seeking feedback from pilot customers. # ----------------------------------------------------------------------------- # # Revision Log # # ----------------------------------------------------------------------------- # # Try to open /usr/lib/newsyslog.conf ... if it exists we're OK. If not we'll send # an email to root and abort. if [[ -f ./newsyslog.conf ]]; then # # This may be extreme, however, for the truly paranoid where their processing # schedule allows, we can down the hosts Interfaces if deemed necessary. # # ifconfig hmex down # Loop through the files in newsyslog.conf one at a time. Note that the grep # function shown eliniates the standard comment line for FILE in $( cat ./newsyslog.conf | grep "^[^#]" ) do # # At midnight we'll move the logfile to logfile.date ( ie; yesterday's date ) # mv $FILE $FILE.`TZ=EST+24 date +%d%b%Y` # # Statndard Mechanics to create the new log file, permissions, owner, etc. # touch $FILE chown root:root $FILE chmod 600 $FILE # # Look for any entries older than 30 days ( default ) and move to an archive # location. This should be fast as we are limiting it to a particular directory # and filename. Note the patters for the directory and filename. The default # assumes that the directory structure is 2 levels deep. In the event the directory # structure moves beyond 2 levels the pattern ${FILE%/*} will require modification. /usr/bin/find ${FILE%/*} -name ${FILE##/*/} -mtime +30 -exec mv {} /var/Archive \; done # # Reset the syslog daemon as we have disrupted the filehandles for the logs # kill -HUP `cat /etc/syslog.pid` # # Now that the syslog daemon is 'fully functional' we can restart the interfaces # # ifconfig hmex up else # # Something is amiss. As a default we'll notify root. # echo "Subject:Log Archival Aborted!!\n\nLog Archival `date +%d%b%Y` - Aborted ... /usr/lib/newsyslog.conf not found" | /usr/lib/sendmail root fi # # Manage the disk space efficiently. Remove log entries older than 1yr. Or ... greater # based on local policy # #/usr/bin/find /var/Archive -mtime +365 -exec rm {} \;