From owner-freebsd-questions@FreeBSD.ORG Tue Jul 27 20:35:55 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6C68A16A4CF for ; Tue, 27 Jul 2004 20:35:55 +0000 (GMT) Received: from ns1.tiadon.com (SMTP.tiadon.com [69.27.132.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id DF38543D49 for ; Tue, 27 Jul 2004 20:35:54 +0000 (GMT) (envelope-from kdk@daleco.biz) Received: from [69.27.131.0] ([69.27.131.0]) by ns1.tiadon.com with Microsoft SMTPSVC(6.0.3790.0); Tue, 27 Jul 2004 15:37:38 -0500 Message-ID: <4106BCA6.8070908@daleco.biz> Date: Tue, 27 Jul 2004 15:35:50 -0500 From: "Kevin D. Kinsey, DaleCo, S.P." User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7) Gecko/20040712 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Chris References: <200407270748000178.07B2E20B@coolarrow.com> In-Reply-To: <200407270748000178.07B2E20B@coolarrow.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 27 Jul 2004 20:37:39.0421 (UTC) FILETIME=[8EEE68D0:01C47419] cc: freebsd-questions@freebsd.org Subject: Re: security run output X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2004 20:35:55 -0000 Chris wrote: >When I get my nightly email from the "security run output" it normally has about the last 20 lines or less from the /var/log/messages. Is there a way to increase that to about the last 50 lines? > >Thanks, >Chris > > Hmm, I don't think that it's necessarily true that /etc/periodic is sending you the last 20 or so lines ... it's only sending "kernel" notifications, which in the case of most setups of syslog.conf, are *also* logged to /var/log/messages, hence some confusion here. So, one good question in return would be, "are you sure that you're not seeing all you want in your periodic output?" You can take a look at the manpages and source for periodic(8) and friends to learn a little more... I'm in no way an expert --- it could be possible that an expert could modify the periodic.sh script to do what you want; but in your case, I'd think that you could create a small script to do what you want and run it nightly from your personal crontab. Something like what's below. HTH, Kevin Kinsey ------------------------------------------------------------------------------------------------------- #/bin/sh # mailmessages.sh --- mail yesterday's /var/log/messages output to root... yday=`date -v -1d "+%b %d"` grep "$yday" /var/log/messages | mail -s "Contents of /var/log/messages" root