I'm running syslog-ng on solaris 10. I have a destination defined as - destination d_alert { program("/usr/local/admin/syslog-ng/alert.bash"); }; when syslog-ng is started, these processes also start... /bin/bash /usr/local/admin/syslog-ng/alert.bash /bin/sh -c /usr/local/admin/syslog-ng/alert.bash About an hour later, for no apparent reason, the 2 alert.bash processes die but the syslog-ng process continues to run. I've implemented a watchdog script to alert and restart syslog-ng when they die. It's interesting to note that they seem to die exactly 1 hour after being restarted. command used to start syslog-ng - /usr/local/sbin/syslog-ng -f /usr/local/etc/syslog-ng.conf >> ${logfile} 2>&1 alert.bash script... #!/bin/bash export mailaddr=jeff@xxxxxx.com while read input do hostname=`echo ${input} |awk '{print $4}' |sed 's|/.*||'` program=`echo ${input} |awk '{print $5}' |sed 's|[[(].*||'` echo ${input} | mailx -s "${program} alert on ${hostname}" ${mailaddr} done Any help would be greatly appreciated. - Jeff __________________________________ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/
On Fri, Oct 14, 2005 at 08:40:52AM -0700, Jeff DiNisco wrote:
I'm running syslog-ng on solaris 10. I have a destination defined as - destination d_alert { program("/usr/local/admin/syslog-ng/alert.bash"); };
when syslog-ng is started, these processes also start... /bin/bash /usr/local/admin/syslog-ng/alert.bash /bin/sh -c /usr/local/admin/syslog-ng/alert.bash
About an hour later, for no apparent reason, the 2 alert.bash processes die but the syslog-ng process continues to run. I've implemented a watchdog script to alert and restart syslog-ng when they die. It's interesting to note that they seem to die exactly 1 hour after being restarted.
Jeff, everything looks good at a glance. It's a good idea to redirect STDOUT to a file as you have, but that doesn't capture the output of programs started by syslog-ng. Try the FAQ item here: http://www.campin.net/syslog-ng/faq.html#capture_output See if output from the bash scripts helps. Since syslog-ng is still running it should capture anything that's sent. Hope this helps, -- Nate Your mantra for today is: Don't let data from the network near a shell. Bad things happen. -- Randall Schwartz
On Fri, Oct 14, 2005 at 08:40:52AM -0700, Jeff DiNisco wrote:
I'm running syslog-ng on solaris 10. I have a destination defined as - destination d_alert { program("/usr/local/admin/syslog-ng/alert.bash"); };
when syslog-ng is started, these processes also start... /bin/bash /usr/local/admin/syslog-ng/alert.bash /bin/sh -c /usr/local/admin/syslog-ng/alert.bash
About an hour later, for no apparent reason, the 2 alert.bash processes die but the syslog-ng process continues to run. I've implemented a watchdog script to alert and restart syslog-ng when they die. It's interesting to note that they seem to die exactly 1 hour after being restarted.
command used to start syslog-ng - /usr/local/sbin/syslog-ng -f /usr/local/etc/syslog-ng.conf >> ${logfile} 2>&1
alert.bash script... #!/bin/bash
export mailaddr=jeff@xxxxxx.com
while read input do hostname=`echo ${input} |awk '{print $4}' |sed 's|/.*||'` program=`echo ${input} |awk '{print $5}' |sed 's|[[(].*||'`
echo ${input} | mailx -s "${program} alert on ${hostname}" ${mailaddr} done
Any help would be greatly appreciated.
What does set | grep TMOUT says?
From man bash(1):
TMOUT If set to a value greater than zero, TMOUT is treated as the default timeout for the read builtin. The select command terminates if input does not arrive after TMOUT seconds when input is coming from a terminal. In an interactive shell, the value is interpreted as the number of seconds to wait for input after issuing the primary prompt. Bash terminates after waiting for that number of seconds if input does not arrive. -- Jan Thomas Moldung
that was it. thank you. I can't believe I didn't think of that. --- janth@moldung.no wrote:
On Fri, Oct 14, 2005 at 08:40:52AM -0700, Jeff DiNisco wrote:
I'm running syslog-ng on solaris 10. I have a destination defined as - destination d_alert { program("/usr/local/admin/syslog-ng/alert.bash"); };
when syslog-ng is started, these processes also start... /bin/bash /usr/local/admin/syslog-ng/alert.bash /bin/sh -c /usr/local/admin/syslog-ng/alert.bash
About an hour later, for no apparent reason, the 2 alert.bash processes die but the syslog-ng process continues to run. I've implemented a watchdog script to alert and restart syslog-ng when they die. It's interesting to note that they seem to die exactly 1 hour after being restarted.
command used to start syslog-ng - /usr/local/sbin/syslog-ng -f /usr/local/etc/syslog-ng.conf
${logfile} 2>&1
alert.bash script... #!/bin/bash
export mailaddr=jeff@xxxxxx.com
while read input do hostname=`echo ${input} |awk '{print $4}' |sed 's|/.*||'` program=`echo ${input} |awk '{print $5}' |sed 's|[[(].*||'`
echo ${input} | mailx -s "${program} alert on ${hostname}" ${mailaddr} done
Any help would be greatly appreciated.
What does set | grep TMOUT says?
From man bash(1):
TMOUT If set to a value greater than zero, TMOUT is treated as the default timeout for the read builtin. The select command terminates if input does not arrive after TMOUT seconds when input is coming from a terminal. In an interactive shell, the value is interpreted as the number of seconds to wait for input after issuing the primary prompt. Bash terminates after waiting for that number of seconds if input does not arrive.
-- Jan Thomas Moldung _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
__________________________________ Yahoo! Music Unlimited Access over 1 million songs. Try it free. http://music.yahoo.com/unlimited/
participants (3)
-
janth@moldung.no
-
Jeff DiNisco
-
Nate Campi