From owner-freebsd-questions@FreeBSD.ORG  Wed Feb 20 01:42:54 2013
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id B4AB0F1F
 for <freebsd-questions@freebsd.org>; Wed, 20 Feb 2013 01:42:54 +0000 (UTC)
 (envelope-from vogelke@hcst.net)
Received: from beta.hcst.com (beta.hcst.com [192.52.183.241])
 by mx1.freebsd.org (Postfix) with ESMTP id 8374B83E
 for <freebsd-questions@freebsd.org>; Wed, 20 Feb 2013 01:42:53 +0000 (UTC)
Received: from beta.hcst.com (localhost [127.0.0.1])
 by beta.hcst.com (8.14.3/8.14.3/Debian-9.4) with ESMTP id r1K1glTu004487
 for <freebsd-questions@freebsd.org>; Tue, 19 Feb 2013 20:42:47 -0500
Received: (from vogelke@localhost)
 by beta.hcst.com (8.14.3/8.14.3/Submit) id r1K1gkUp004486;
 Tue, 19 Feb 2013 20:42:46 -0500
Received: by kev.msw.wpafb.af.mil (Postfix, from userid 32768)
 id 4D8D0BF63; Tue, 19 Feb 2013 20:41:32 -0500 (EST)
To: freebsd-questions@freebsd.org
In-reply-to: <CAHM0YgvadWLRUNvyQzTj0b=YkfZAyzRRCTEyjByqXM9yXsynhg@mail.gmail.com>
 (message from b w on Tue, 19 Feb 2013 23:34:21 +0100)
Subject: Re: convert date and time to epoch in awk
Organization: Array Infotech
X-Disclaimer: I don't speak for the USAF or Array Infotech.
X-GPG-ID: 1024D/711752A0 2006-06-27 Karl Vogel <vogelke@pobox.com>
X-GPG-Fingerprint: 56EB 6DBF 4224 C953 F417  CC99 4C7C 7D46 7117 52A0
References: <CAHM0YgvadWLRUNvyQzTj0b=YkfZAyzRRCTEyjByqXM9yXsynhg@mail.gmail.com>
Message-Id: <20130220014133.4D8D0BF63@kev.msw.wpafb.af.mil>
Date: Tue, 19 Feb 2013 20:41:32 -0500 (EST)
From: vogelke+unix@pobox.com (Karl Vogel)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: vogelke+unix@pobox.com
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2013 01:42:54 -0000

>> On Tue, 19 Feb 2013 23:34:21 +0100, 
>> b w <bw.mail.lists@gmail.com> said:

b> I want to write a script that parses the last, say, 10 minutes of a log
b> file looking for a certain string, like 'error', or failed', and returns
b> how many times it shows up. The script would be run by Nagios and if it
b> returns > 0 an alert is raised. Each line of the log file starts with a
b> date like 'Feb 19 23:45:32'.

   Instead of looking for 'error' or 'failed', I'd recommend weeding out
   benign log entries and returning everything else.  Some examples:
     http://www.hcst.net/~vogelke/src/logfiles/

   Some relevant links for Nagios:
     http://serverfault.com/questions/172875/
     Is Nagios capable of covering the functionality of Logwatch?

     http://stackoverflow.com/questions/2373212/
     How do I use Nagios to monitor a log file

     http://serverfault.com/questions/44/
     What tool do you use to monitor your servers?

-- 
Karl Vogel                      I don't speak for the USAF or my company

John, this smells worse than your uncle's codpiece (which I wish you would
stop wearing to work), and in reviewing it I can deduce that your parents
were never formally introduced.
                    --Slashdot suggestion for inspecting poorly-written code