Date: Tue, 11 Apr 2017 15:19:15 -0400 From: Ernie Luzar <luzar722@gmail.com> To: Ben Woods <woodsb02@gmail.com> Cc: FreeBSD questions <freebsd-questions@freebsd.org> Subject: Re: pipe syslog records to a script Message-ID: <58ED2C33.5020009@gmail.com> In-Reply-To: <CAOc73CAT7tjizi%2B1c%2BeZgbWnCWP6UWPGHxJFtO9K2VKqTchMJQ@mail.gmail.com> References: <58E2C19A.40306@gmail.com> <CAOc73CAT7tjizi%2B1c%2BeZgbWnCWP6UWPGHxJFtO9K2VKqTchMJQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ben Woods wrote:
> On 4 April 2017 at 05:41, Ernie Luzar <luzar722@gmail.com
> <mailto:luzar722@gmail.com>> wrote:
>
> Hello list;
>
> In syslog.conf I have these 2 lines.
> local0.* /var/log/security
> local0.* | exec /usr/local/bin/ipf.table
>
> The security log file is being populated and working fine.
> Now I want to pipe the same log records to a script for processing.
>
> The ipf.table script looks like this
>
> #! /bin/sh
> $1 >> /var/log/ipf.table.log1
> $@ >> /var/log/ipf.table.log2
> $* >> /var/log/ipf.table.log3
>
> service syslogd restart
>
> The ipf.table.log1, 2, 3 never get populated even though I see new
> entries in the security.log file.
>
> What am I doing wrong here?
>
>
>
> Hi Ernie,
>
> I never even realised there was a feature in FreeBSD's syslog to pipe
> the log to a command. Interesting!
>
> I have just played around with this, and the problem you are facing is
> that the log entry is piped to the command as stdin, not passed as an
> argument.
>
> Use something like the following in your script to process the log as stdin:
> while read LINE; do
> echo ${LINE} >> /var/log/ipf.table.log1
> done
>
> Good luck!
>
> Regards,
> Ben
Ben;
Thanks for the feedback.
By trial and error I also came to the same conclusion,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?58ED2C33.5020009>