I am trying to make an alert script that will run every 5min on my linux machine I only want the latest data to have an output and the data that already emailed will not be show anymore
tail -n1 /var/log/message | grep suppress | mail-s 'suppress' [email protected]
On my command above it will run the same data over and over again until I received a new suppress alert
When your scrip runs exactly every 5 minutes (perhaps using crontab), you can use
find /var/log/message -mmin -5 -exec grep suppress {} \; |
tail -1 |
mail-s 'suppress' [email protected]
EDIT: How to skip processing when the pipe is empty? Don't use the pipeline:
msg=$(find /var/log/message -mmin -5 -exec grep suppress {} \; | tail -1)
test -n "$msg" &&
echo "$msg" |
mail-s 'suppress' [email protected]
EDIT 2:
Please note, that you will get an old suppress line, when the log gets new lines without suppress in it. You will need more scripting to solve this (remember linenumber where the match was found or nr of matches ad compare) and also find a solution when the /var/log/message file is rotated.
Perhaps you should do something like
msg=$(diff /var/log/message /tmp/oldmessages | grep suppress | tail -1)
test -n "$msg" &&
cp /var/log/message /tmp/oldmessages &&
echo "$msg" |
mail-s 'suppress' [email protected]