1

I have a linux box that occasionally puts an error in the syslog. That error indicates a critical problem with the system. I'm working on resolving the root of the problem. However, I'd like a good bandaid until I get it fixed. I've thought about running a cron job every minute that checks for the error in the syslog. That might work but it could potentially leave the system in a bad state for close to a full minute. This is the error:

 action frame to ff:ff:ff:ff:ff:ff

I'm wondering if it would make sense to run a script on startup. That script would somehow tail -F the syslog and would run the corrective script when it finds the error message. Is this a reasonable idea or is there a better solution. If this is reasonable then how do I tail the syslog?

Zombo
  • 1
  • 62
  • 391
  • 407
exvance
  • 1,339
  • 4
  • 13
  • 31
  • http://stackoverflow.com/questions/7566569/how-to-continuosly-monitor-the-directory-using-dnotify-inotify-command Take a look at the answer in this post, it even has a little script that might fit your needs. – Jorge Núñez Mar 13 '13 at 21:06
  • 1
    Can you not configure your syslog to also use a named pipe or a script like `^program-to-execute;template`? – Wrikken Mar 13 '13 at 21:07

1 Answers1

0

If you are running a typical linux box with rsyslog as the system logging daemon, then you can use a rsyslog filter and the omprog module to trigger some arbitrary command when you get a match: http://www.rsyslog.com/doc/v8-stable/configuration/modules/omprog.html

Stephane Martin
  • 1,612
  • 1
  • 17
  • 25